You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This report covers the last 7 days of security observability data for the github/gh-aw repository, consolidating firewall traffic analysis and DIFC integrity-filtered event analysis. The firewall signal is the primary story this period: across 108 firewall-enabled workflow runs, over 17,636 network requests were processed with a significant 51.7% block rate (9,121 blocked out of 17,636 total). The blocked traffic is dominated by Google-ecosystem domains, browser automation telemetry, and a small number of legitimate development hosts (GitHub, Go module proxy).
On the DIFC front, no integrity-filtered events were found in the last 7 days — either via the fresh startup scan or the cached snapshot — indicating that the Data Integrity and Flow Control system did not need to intervene in any tool calls during this period. This is a healthy signal for workflow integrity compliance.
The most notable firewall finding is the spike on 2026-06-22 (8,345 blocked / 4,447 allowed), which likely reflects a browser-automation or Playwright-heavy test run that generated substantial outbound traffic toward Google services. Three playwright CDN domains also appear in blocked lists, suggesting those runs ran without proper network allowlisting.
🔥 Firewall Analysis
Key Firewall Metrics
Metric
Value
Workflows analyzed (firewall-enabled)
108
Total network requests monitored
17,636
✅ Allowed requests
8,515
🚫 Blocked requests
9,121
Block rate
51.7%
Total unique blocked domains
16
📈 Firewall Request Trends
Network activity was concentrated on three active days: June 16, June 22, and June 24. The June 22 spike is dramatically larger than the others, with 8,345 blocked requests compared to 4,447 allowed — a 65% block rate for that day. This suggests a workflow run on that date attempted to reach a large number of externally blocked domains (primarily Google APIs and browser telemetry endpoints). June 24 shows more balanced traffic with higher allowed counts, consistent with standard workflow operation.
Top Blocked Domains
The blocked domain landscape is dominated by Google services: www.google.com:443 (18 blocks), content-autofill.googleapis.com:443 (14), and accounts.google.com:443 (10) together account for 46% of all unique-domain blocking events. The localhost:8080 blocks (14 occurrences) are noteworthy — these suggest agent processes attempting to reach local service ports, possibly MCP server processes, which may indicate misconfigured tooling or expected sandbox behavior. The presence of api.github.com:443 and github.com:443 in the blocked list warrants attention as these may represent legitimate workflow actions being unnecessarily blocked.
Allowlist api.github.com and github.com — These are core GitHub services that agentic workflows legitimately need. Their presence in the blocked list suggests at least one workflow run lacked network access to GitHub endpoints, which may cause silent failures in gh CLI calls or GitHub API integrations.
Allowlist proxy.golang.org — Go module downloads are a routine build step. If Go-based workflows are blocked from reaching the module proxy, they will fail or use stale cached modules. Add proxy.golang.org to the permitted egress list for build workflows.
Investigate localhost:8080 blocks — The 14 localhost:8080 blocks likely reflect MCP bridge or local server calls. If these are expected (e.g., the agenticworkflows MCP bridge), the firewall rule may be misconfigured for loopback traffic. Review whether firewall rules correctly handle 127.0.0.1/::1 addresses.
Review the June 22 traffic spike — The 8,345 blocked requests on a single day indicate a workflow run with unusually high external network activity (likely browser/Playwright-based). Audit the run(s) on that date to confirm no data exfiltration or unexpected lateral movement occurred.
Google API blocks are expected but high — The majority of blocked domains (*.googleapis.com, *.google.com) are likely browser telemetry from Playwright or Chromium tests. These are not security concerns but contribute noise. Consider flagging browser-test workflows separately in firewall reporting to reduce false-positive alerting.
Playwright CDN domains — playwright.azureedge.net and its variants should be added to the allowlist for any workflow that performs browser automation, as these CDN endpoints deliver Playwright browser binaries.
🔒 DIFC Integrity Analysis
Key DIFC Metrics
Metric
Value
Total filtered events
0
Unique tools filtered
0
Unique workflows affected
0
Most common filter reason
N/A
Busiest day
N/A
i️ No DIFC integrity-filtered events were found in the last 7 days. Both the fresh startup scan (/tmp/gh-aw/agent/integrity/filtered-logs.json) and the cached snapshot confirmed zero filtered events. DIFC charts are not generated for empty datasets.
This is a positive security signal: no tool calls were intercepted or blocked by the Data Integrity and Flow Control system during this period. It indicates that all MCP tool calls in the analyzed workflow runs passed integrity and secrecy tag validation without triggering filtering rules.
💡 DIFC Tuning Recommendations
Baseline is healthy — Zero DIFC filtering events over 7 days means workflows are operating within expected integrity boundaries. No immediate tuning is required.
Monitor for future events — If DIFC events do appear in future runs, the most important dimensions to analyze are: tool_name (which tools are triggering filters), reason (integrity vs. secrecy), and author_association (whether events correlate with external contributors).
Verify snapshot freshness — The cached DIFC snapshot was last updated on 2026-06-23, which is within the 7-day validity window. Ensure the startup step continues to restore and refresh this snapshot on each run to maintain accurate warm-start behavior.
Generated by the Daily Security Observability workflow (consolidated from Daily Firewall Reporter + Daily DIFC Analyzer) Analysis window: Last 7 days | Repository: github/gh-aw Run: §28746961797
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Executive Summary
This report covers the last 7 days of security observability data for the
github/gh-awrepository, consolidating firewall traffic analysis and DIFC integrity-filtered event analysis. The firewall signal is the primary story this period: across 108 firewall-enabled workflow runs, over 17,636 network requests were processed with a significant 51.7% block rate (9,121 blocked out of 17,636 total). The blocked traffic is dominated by Google-ecosystem domains, browser automation telemetry, and a small number of legitimate development hosts (GitHub, Go module proxy).On the DIFC front, no integrity-filtered events were found in the last 7 days — either via the fresh startup scan or the cached snapshot — indicating that the Data Integrity and Flow Control system did not need to intervene in any tool calls during this period. This is a healthy signal for workflow integrity compliance.
The most notable firewall finding is the spike on 2026-06-22 (8,345 blocked / 4,447 allowed), which likely reflects a browser-automation or Playwright-heavy test run that generated substantial outbound traffic toward Google services. Three playwright CDN domains also appear in blocked lists, suggesting those runs ran without proper network allowlisting.
🔥 Firewall Analysis
Key Firewall Metrics
📈 Firewall Request Trends
Network activity was concentrated on three active days: June 16, June 22, and June 24. The June 22 spike is dramatically larger than the others, with 8,345 blocked requests compared to 4,447 allowed — a 65% block rate for that day. This suggests a workflow run on that date attempted to reach a large number of externally blocked domains (primarily Google APIs and browser telemetry endpoints). June 24 shows more balanced traffic with higher allowed counts, consistent with standard workflow operation.
Top Blocked Domains
The blocked domain landscape is dominated by Google services:
www.google.com:443(18 blocks),content-autofill.googleapis.com:443(14), andaccounts.google.com:443(10) together account for 46% of all unique-domain blocking events. Thelocalhost:8080blocks (14 occurrences) are noteworthy — these suggest agent processes attempting to reach local service ports, possibly MCP server processes, which may indicate misconfigured tooling or expected sandbox behavior. The presence ofapi.github.com:443andgithub.com:443in the blocked list warrants attention as these may represent legitimate workflow actions being unnecessarily blocked.Most Frequently Blocked Domains
View Complete Blocked Domains List (Alphabetical)
🔒 Firewall Security Recommendations
Allowlist
api.github.comandgithub.com— These are core GitHub services that agentic workflows legitimately need. Their presence in the blocked list suggests at least one workflow run lacked network access to GitHub endpoints, which may cause silent failures inghCLI calls or GitHub API integrations.Allowlist
proxy.golang.org— Go module downloads are a routine build step. If Go-based workflows are blocked from reaching the module proxy, they will fail or use stale cached modules. Addproxy.golang.orgto the permitted egress list for build workflows.Investigate
localhost:8080blocks — The 14localhost:8080blocks likely reflect MCP bridge or local server calls. If these are expected (e.g., the agenticworkflows MCP bridge), the firewall rule may be misconfigured for loopback traffic. Review whether firewall rules correctly handle127.0.0.1/::1addresses.Review the June 22 traffic spike — The 8,345 blocked requests on a single day indicate a workflow run with unusually high external network activity (likely browser/Playwright-based). Audit the run(s) on that date to confirm no data exfiltration or unexpected lateral movement occurred.
Google API blocks are expected but high — The majority of blocked domains (
*.googleapis.com,*.google.com) are likely browser telemetry from Playwright or Chromium tests. These are not security concerns but contribute noise. Consider flagging browser-test workflows separately in firewall reporting to reduce false-positive alerting.Playwright CDN domains —
playwright.azureedge.netand its variants should be added to the allowlist for any workflow that performs browser automation, as these CDN endpoints deliver Playwright browser binaries.🔒 DIFC Integrity Analysis
Key DIFC Metrics
This is a positive security signal: no tool calls were intercepted or blocked by the Data Integrity and Flow Control system during this period. It indicates that all MCP tool calls in the analyzed workflow runs passed integrity and secrecy tag validation without triggering filtering rules.
💡 DIFC Tuning Recommendations
Baseline is healthy — Zero DIFC filtering events over 7 days means workflows are operating within expected integrity boundaries. No immediate tuning is required.
Monitor for future events — If DIFC events do appear in future runs, the most important dimensions to analyze are:
tool_name(which tools are triggering filters),reason(integrity vs. secrecy), andauthor_association(whether events correlate with external contributors).Verify snapshot freshness — The cached DIFC snapshot was last updated on 2026-06-23, which is within the 7-day validity window. Ensure the startup step continues to restore and refresh this snapshot on each run to maintain accurate warm-start behavior.
Generated by the Daily Security Observability workflow (consolidated from Daily Firewall Reporter + Daily DIFC Analyzer)
Analysis window: Last 7 days | Repository: github/gh-aw
Run: §28746961797
Beta Was this translation helpful? Give feedback.
All reactions