[detection-analysis] Detection Analysis Report — 2026-06-30 (24h) #42485
Closed
Replies: 2 comments
-
|
/w update agentic workflows to create actionable issue to fix issue |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
This discussion has been marked as outdated by Detection Analysis Report. A newer discussion is available at Discussion #42769. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Summary
gh-aw-detection: true): 12 (41.4%)Warning
2 audit/report-class workflows are running without
gh-aw-detection: true. Audit and report workflows aggregate cross-run data and should run threat detection on their outputs. See the table below for the recommended fixes.Comparison Chart
Detection-enabled runs had a higher success rate (91.7% vs 76.5%) and lower average token usage this window. The 4 regular-run failures were 3×
PR Sous Chefand 1×Smoke CI; the single detection-run failure (Daily Max Ai Credits Test) failed in its agent job — its detection job concluded successfully (threat-detection steps were correctly skipped because the agent produced no output to scan).Misconfigured Workflows
audit)gh-aw-detection: trueto the workflow frontmatter so the audit's outputs are scanned.report)gh-aw-detection: trueto the workflow frontmatter so the aggregated report is scanned.Other checks (no misconfiguration confirmed):
success.gh-aw-detection: falseon active workflows (criterion 1):Smoke CIran with detection explicitlyfalse, but only 1 run is present in the 24h window, so the ">3 runs in 7 days" threshold could not be confirmed from this data. Watch item, not a confirmed misconfiguration.View All Run Metrics
View Historical Trend
A trend chart is generated once ≥7 days of history are accumulated. Current history: 4 days (2026-06-27 → 2026-06-30). Today's record was appended to
trending/detection-metrics/history.jsonl.Recommendations
gh-aw-detection: truetoDaily Agentic Workflow AIC Usage AuditandDaily AIC Consumption Report (Sentry + Grafana OTel)— these aggregate cross-run data and are exactly the class that should be scanned.Smoke CI's explicitgh-aw-detection: false. Confirm this is an intentional opt-out for a CI smoke test; if it ever exercises agent outputs, re-enable detection. Re-check once ≥7 days of run history is available to evaluate the ">3 runs / 7 days" threshold.PR Sous Cheffailures (3/3 runs failed this window) and theDaily Max Ai Credits Testagent-job failure — these are agent/CI issues, not detection issues, but they dominate the failure count.References:
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpgSee Network Configuration for more information.
Beta Was this translation helpful? Give feedback.
All reactions