From 346aad795e5384aa1121252b6d8f204ea926892d Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 9 Jun 2026 07:40:24 +0000 Subject: [PATCH 1/4] Initial plan From 864a83ee2121a5c61f56528927c846db1a2952cd Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 9 Jun 2026 07:42:06 +0000 Subject: [PATCH 2/4] chore: start workflow consolidation analysis Co-authored-by: mnkiefer <8320933+mnkiefer@users.noreply.github.com> --- workflows/agentic-token-optimizer.lock.yml | 56 +++++++++++----------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/workflows/agentic-token-optimizer.lock.yml b/workflows/agentic-token-optimizer.lock.yml index 4ad71b0..f38ab8e 100644 --- a/workflows/agentic-token-optimizer.lock.yml +++ b/workflows/agentic-token-optimizer.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"4438c21791f3d3d3031f6f7cc5873056a99964b53be141cc3f4d45c704e48ae1","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"dfd770dc1d31a475135a4cd261c183f1a5298e934d37c3bbcee0963787c3b449","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} # gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"bc56a0cad2f450c562810785ef38649c04db812a","version":"v0.72.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41","digest":"sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41@sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41","digest":"sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41@sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.41","digest":"sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe","pinned_image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.41@sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41","digest":"sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41@sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.6","digest":"sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.6@sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c"},{"image":"ghcr.io/github/github-mcp-server:v1.0.3","digest":"sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959","pinned_image":"ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959"},{"image":"node:lts-alpine","digest":"sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f","pinned_image":"node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f"}]} # ___ _ _ # / _ \ | | (_) @@ -22,7 +22,7 @@ # # For more information: https://github.github.com/gh-aw/introduction/overview/ # -# Daily optimizer that identifies a high-token-usage agentic workflow, audits its runs, and recommends efficiency improvements including inline sub-agent refactors when warranted +# Daily optimizer that identifies high-AI-credit-spend agentic workflows, audits their runs, and recommends efficiency improvements including inline sub-agent refactors when warranted # # Secrets used: # - COPILOT_GITHUB_TOKEN @@ -47,7 +47,7 @@ # - ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959 # - node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f -name: "Agentic Workflow Token Usage Optimizer" +name: "Agentic Workflow AI Credit Spend Optimizer" "on": schedule: - cron: "19 14 * * 1-5" @@ -65,7 +65,7 @@ permissions: {} concurrency: group: "gh-aw-${{ github.workflow }}" -run-name: "Agentic Workflow Token Usage Optimizer" +run-name: "Agentic Workflow AI Credit Spend Optimizer" jobs: activation: @@ -90,7 +90,7 @@ jobs: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Generate agentic run info @@ -102,7 +102,7 @@ jobs: GH_AW_INFO_VERSION: "1.0.40" GH_AW_INFO_AGENT_VERSION: "1.0.40" GH_AW_INFO_CLI_VERSION: "v0.72.1" - GH_AW_INFO_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_INFO_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_INFO_EXPERIMENTAL: "false" GH_AW_INFO_SUPPORTS_TOOLS_ALLOWLIST: "true" GH_AW_INFO_STAGED: "false" @@ -184,21 +184,21 @@ jobs: run: | bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh" { - cat << 'GH_AW_PROMPT_9143545ba38af420_EOF' + cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' - GH_AW_PROMPT_9143545ba38af420_EOF + GH_AW_PROMPT_90fefde78ed6eadd_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_9143545ba38af420_EOF' + cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' Tools: create_issue, missing_tool, missing_data, noop - GH_AW_PROMPT_9143545ba38af420_EOF + GH_AW_PROMPT_90fefde78ed6eadd_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md" - cat << 'GH_AW_PROMPT_9143545ba38af420_EOF' + cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' The following GitHub context information is available for this workflow: {{#if __GH_AW_GITHUB_ACTOR__ }} @@ -227,12 +227,12 @@ jobs: {{/if}} - GH_AW_PROMPT_9143545ba38af420_EOF + GH_AW_PROMPT_90fefde78ed6eadd_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_9143545ba38af420_EOF' + cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' {{#runtime-import agentic-token-optimizer.md}} - GH_AW_PROMPT_9143545ba38af420_EOF + GH_AW_PROMPT_90fefde78ed6eadd_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 @@ -358,7 +358,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Set runtime paths @@ -384,7 +384,7 @@ jobs: name: Download recent agentic workflow logs run: "set -euo pipefail\nmkdir -p /tmp/gh-aw/token-audit\n\necho \"đŸ“Ĩ Downloading agentic workflow logs (last 7 days)...\"\n\nLOGS_EXIT=0\ngh aw logs \\\n --start-date -7d \\\n --json \\\n -c 50 \\\n > /tmp/gh-aw/token-audit/all-runs.json || LOGS_EXIT=$?\n\nif [ -s /tmp/gh-aw/token-audit/all-runs.json ]; then\n TOTAL=$(jq '.runs | length' /tmp/gh-aw/token-audit/all-runs.json)\n echo \"✅ Downloaded $TOTAL agentic workflow runs (last 7 days)\"\n if [ \"$LOGS_EXIT\" -ne 0 ]; then\n echo \"⚠ī¸ gh aw logs exited with code $LOGS_EXIT (partial results — likely API rate limit)\"\n fi\nelse\n echo \"❌ No log data downloaded (exit code $LOGS_EXIT)\"\n echo '{\"runs\":[],\"summary\":{}}' > /tmp/gh-aw/token-audit/all-runs.json\nfi\n" - name: Aggregate top workflows by token usage - run: "set -euo pipefail\nmkdir -p /tmp/gh-aw/token-audit\n\njq '{\n generated_at: (now | todateiso8601),\n window_days: 7,\n top_workflows: (\n [.runs[]\n | select(.status == \"completed\")\n | {\n workflow_name: .workflow_name,\n tokens: (.token_usage // 0),\n turns: (.turns // 0),\n action_minutes: (.action_minutes // 0)\n }\n ]\n | group_by(.workflow_name)\n | map({\n workflow_name: .[0].workflow_name,\n run_count: length,\n total_tokens: (map(.tokens) | add),\n avg_tokens: ((map(.tokens) | add) / length),\n total_turns: (map(.turns) | add),\n total_action_minutes: (map(.action_minutes) | add)\n })\n | sort_by(.total_tokens)\n | reverse\n | .[:10]\n )\n}' /tmp/gh-aw/token-audit/all-runs.json > /tmp/gh-aw/token-audit/top-workflows.json\n\necho \"✅ Generated top workflow summary at /tmp/gh-aw/token-audit/top-workflows.json\"\njq '.top_workflows' /tmp/gh-aw/token-audit/top-workflows.json\n" + run: "set -euo pipefail\nmkdir -p /tmp/gh-aw/token-audit\n\njq '{\n generated_at: (now | todateiso8601),\n window_days: 7,\n top_workflows: (\n [.runs[]\n | select(.status == \"completed\")\n | {\n workflow_name: .workflow_name,\n ai_credits: (.ai_credits // 0),\n tokens: (.token_usage // 0),\n turns: (.turns // 0),\n action_minutes: (.action_minutes // 0)\n }\n ]\n | group_by(.workflow_name)\n | map({\n workflow_name: .[0].workflow_name,\n run_count: length,\n total_ai_credits: (map(.ai_credits) | add),\n avg_ai_credits: ((map(.ai_credits) | add) / length),\n total_tokens: (map(.tokens) | add),\n avg_tokens: ((map(.tokens) | add) / length),\n total_turns: (map(.turns) | add),\n total_action_minutes: (map(.action_minutes) | add)\n })\n | sort_by(.total_ai_credits)\n | reverse\n | .[:10]\n )\n}' /tmp/gh-aw/token-audit/all-runs.json > /tmp/gh-aw/token-audit/top-workflows.json\n\necho \"✅ Generated top workflow summary at /tmp/gh-aw/token-audit/top-workflows.json\"\njq '.top_workflows' /tmp/gh-aw/token-audit/top-workflows.json\n" - name: Load optimization history run: "set -euo pipefail\n\nOPT_LOG=\"/tmp/gh-aw/repo-memory/default/optimization-log.json\"\nif [ -f \"$OPT_LOG\" ]; then\n echo \"✅ Previous optimizations:\"\n jq -r '.[] | \"\\(.date): \\(.workflow_name)\"' \"$OPT_LOG\"\nelse\n echo \"ℹī¸ No previous optimization history found.\"\nfi\n" @@ -464,9 +464,9 @@ jobs: mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs" mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3593e706b7bdd381_EOF' + cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_ef0d3b018e7ec638_EOF' {"create_issue":{"close_older_issues":true,"expires":168,"max":1,"title_prefix":"[agentic-token-optimizer] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":51200}]},"report_incomplete":{}} - GH_AW_SAFE_OUTPUTS_CONFIG_3593e706b7bdd381_EOF + GH_AW_SAFE_OUTPUTS_CONFIG_ef0d3b018e7ec638_EOF - name: Generate Safe Outputs Tools env: GH_AW_TOOLS_META_JSON: | @@ -663,7 +663,7 @@ jobs: mkdir -p /home/runner/.copilot GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_a36faed94f703aae_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_0bc1a6b5c23561cc_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { "safeoutputs": { @@ -688,7 +688,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_a36faed94f703aae_EOF + GH_AW_MCP_CONFIG_0bc1a6b5c23561cc_EOF - name: Mount MCP servers as CLIs id: mount-mcp-clis continue-on-error: true @@ -964,7 +964,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact @@ -987,7 +987,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_NOOP_MAX: "1" - GH_AW_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1005,7 +1005,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_MISSING_TOOL_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1020,7 +1020,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_REPORT_INCOMPLETE_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1035,7 +1035,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} - GH_AW_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1092,7 +1092,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Checkout repository @@ -1161,7 +1161,7 @@ jobs: GH_AW_ENGINE_VERSION: "1.0.40" GH_AW_TRACKER_ID: "agentic-token-optimizer" GH_AW_WORKFLOW_ID: "agentic-token-optimizer" - GH_AW_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" outputs: code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }} code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }} @@ -1180,7 +1180,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact From b924ab05fff5194b6db0bb7cc5908fa0523d2682 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 9 Jun 2026 07:47:05 +0000 Subject: [PATCH 3/4] fix: consolidate token workflows with upstream AIC updates Co-authored-by: mnkiefer <8320933+mnkiefer@users.noreply.github.com> --- .../workflows/agentic-token-audit.lock.yml | 78 +++++++++---------- .github/workflows/agentic-token-audit.md | 26 ++++--- .../agentic-token-optimizer.lock.yml | 60 +++++++------- .github/workflows/agentic-token-optimizer.md | 30 +++---- README.md | 6 +- workflows/agentic-token-audit.lock.yml | 78 +++++++++---------- workflows/agentic-token-audit.md | 26 ++++--- workflows/agentic-token-optimizer.lock.yml | 60 +++++++------- workflows/agentic-token-optimizer.md | 30 +++---- 9 files changed, 201 insertions(+), 193 deletions(-) diff --git a/.github/workflows/agentic-token-audit.lock.yml b/.github/workflows/agentic-token-audit.lock.yml index 2f5f6f5..3c93d8b 100644 --- a/.github/workflows/agentic-token-audit.lock.yml +++ b/.github/workflows/agentic-token-audit.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"66dccb22aa5d77d4f0ff85f7fb628d8d18ec190e409785d5237280d570cb7788","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a4b06c24463fb7c45698b1f55812de418f28b1b1dc347d4560bc9f9d95e57d55","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} # gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/setup-python","sha":"a309ff8b426b58ec0e2a45f0f869d46889d02405","version":"v6.2.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"bc56a0cad2f450c562810785ef38649c04db812a","version":"v0.72.1"}],"containers":[{"image":"alpine:latest","digest":"sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11","pinned_image":"alpine:latest@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11"},{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41","digest":"sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41@sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41","digest":"sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41@sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41","digest":"sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41@sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.6","digest":"sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.6@sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c"},{"image":"ghcr.io/github/github-mcp-server:v1.0.3","digest":"sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959","pinned_image":"ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959"},{"image":"node:lts-alpine","digest":"sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f","pinned_image":"node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f"}]} # ___ _ _ # / _ \ | | (_) @@ -22,7 +22,7 @@ # # For more information: https://github.github.com/gh-aw/introduction/overview/ # -# Daily audit of AI credit spend across all agentic workflows with historical trend tracking +# Daily audit of AI Credit (AIC) usage across all agentic workflows with historical trend tracking # # Secrets used: # - COPILOT_GITHUB_TOKEN @@ -49,7 +49,7 @@ # - ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959 # - node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f -name: "Daily Agentic Workflow AI Credit Spend Audit" +name: "Daily Agentic Workflow AIC Usage Audit" "on": schedule: - cron: "22 12 * * 1-5" @@ -67,7 +67,7 @@ permissions: {} concurrency: group: "gh-aw-${{ github.workflow }}" -run-name: "Daily Agentic Workflow AI Credit Spend Audit" +run-name: "Daily Agentic Workflow AIC Usage Audit" jobs: activation: @@ -92,7 +92,7 @@ jobs: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Generate agentic run info @@ -104,11 +104,11 @@ jobs: GH_AW_INFO_VERSION: "1.0.40" GH_AW_INFO_AGENT_VERSION: "1.0.40" GH_AW_INFO_CLI_VERSION: "v0.72.1" - GH_AW_INFO_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_INFO_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_INFO_EXPERIMENTAL: "false" GH_AW_INFO_SUPPORTS_TOOLS_ALLOWLIST: "true" GH_AW_INFO_STAGED: "false" - GH_AW_INFO_ALLOWED_DOMAINS: '["defaults"]' + GH_AW_INFO_ALLOWED_DOMAINS: '["defaults","python"]' GH_AW_INFO_FIREWALL_ENABLED: "true" GH_AW_INFO_AWF_VERSION: "v0.25.41" GH_AW_INFO_AWMG_VERSION: "" @@ -186,24 +186,24 @@ jobs: run: | bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh" { - cat << 'GH_AW_PROMPT_9d3e38a26947955a_EOF' + cat << 'GH_AW_PROMPT_9472b82cb762629a_EOF' - GH_AW_PROMPT_9d3e38a26947955a_EOF + GH_AW_PROMPT_9472b82cb762629a_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md" cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_9d3e38a26947955a_EOF' + cat << 'GH_AW_PROMPT_9472b82cb762629a_EOF' Tools: create_issue, upload_asset(max:5), missing_tool, missing_data, noop upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs). - GH_AW_PROMPT_9d3e38a26947955a_EOF + GH_AW_PROMPT_9472b82cb762629a_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md" - cat << 'GH_AW_PROMPT_9d3e38a26947955a_EOF' + cat << 'GH_AW_PROMPT_9472b82cb762629a_EOF' The following GitHub context information is available for this workflow: {{#if __GH_AW_GITHUB_ACTOR__ }} @@ -232,12 +232,12 @@ jobs: {{/if}} - GH_AW_PROMPT_9d3e38a26947955a_EOF + GH_AW_PROMPT_9472b82cb762629a_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_9d3e38a26947955a_EOF' + cat << 'GH_AW_PROMPT_9472b82cb762629a_EOF' {{#runtime-import .github/workflows/agentic-token-audit.md}} - GH_AW_PROMPT_9d3e38a26947955a_EOF + GH_AW_PROMPT_9472b82cb762629a_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 @@ -266,7 +266,7 @@ jobs: GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools' GH_AW_MEMORY_BRANCH_NAME: 'memory/token-audit' GH_AW_MEMORY_CONSTRAINTS: "\n\n**Constraints:**\n- **Allowed Files**: Only files matching patterns: *.json, *.jsonl, *.csv, *.md\n- **Max File Size**: 102400 bytes (0.10 MB) per file\n- **Max File Count**: 100 files per commit\n- **Max Patch Size**: 51200 bytes (50 KB) total per push (max: 100 KB)\n" - GH_AW_MEMORY_DESCRIPTION: ' Historical daily workflow token usage snapshots (shared with agentic-token-optimizer)' + GH_AW_MEMORY_DESCRIPTION: ' Historical daily workflow AIC snapshots (shared with agentic-token-optimizer)' GH_AW_MEMORY_DIR: '/tmp/gh-aw/repo-memory/default/' GH_AW_MEMORY_TARGET_REPO: ' of the current repository' GH_AW_WIKI_NOTE: '' @@ -363,7 +363,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Set runtime paths @@ -384,7 +384,7 @@ jobs: run: bash "${RUNNER_TEMP}/gh-aw/actions/configure_gh_for_ghe.sh" env: GH_TOKEN: ${{ github.token }} - - name: Setup Python runtime + - name: Setup Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.12" @@ -505,9 +505,9 @@ jobs: mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs" mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << GH_AW_SAFE_OUTPUTS_CONFIG_fc5427ce94cc54e5_EOF + cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << GH_AW_SAFE_OUTPUTS_CONFIG_3b6ca9f5acfde28d_EOF {"create_issue":{"close_older_issues":true,"expires":72,"max":1,"title_prefix":"[agentic-token-audit] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":51200}]},"report_incomplete":{},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg",".svg"],"branch":"assets/${GITHUB_WORKFLOW}","max":5,"max-size":10240}} - GH_AW_SAFE_OUTPUTS_CONFIG_fc5427ce94cc54e5_EOF + GH_AW_SAFE_OUTPUTS_CONFIG_3b6ca9f5acfde28d_EOF - name: Generate Safe Outputs Tools env: GH_AW_TOOLS_META_JSON: | @@ -721,7 +721,7 @@ jobs: mkdir -p /home/runner/.copilot GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_b5608ebb55ab9219_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_8ff2b9231c74daa4_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { "agenticworkflows": { @@ -783,7 +783,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_b5608ebb55ab9219_EOF + GH_AW_MCP_CONFIG_8ff2b9231c74daa4_EOF - name: Mount MCP servers as CLIs id: mount-mcp-clis continue-on-error: true @@ -815,7 +815,7 @@ jobs: GH_AW_NODE_BIN=$(command -v node 2>/dev/null || true) export GH_AW_NODE_BIN (umask 177 && touch /tmp/gh-aw/agent-stdio.log) - printf '%s\n' '{"$schema":"https://github.com/github/gh-aw-firewall/releases/download/v0.25.41/awf-config.schema.json","network":{"allowDomains":["api.business.githubcopilot.com","api.enterprise.githubcopilot.com","api.github.com","api.githubcopilot.com","api.individual.githubcopilot.com","api.snapcraft.io","archive.ubuntu.com","azure.archive.ubuntu.com","crl.geotrust.com","crl.globalsign.com","crl.identrust.com","crl.sectigo.com","crl.thawte.com","crl.usertrust.com","crl.verisign.com","crl3.digicert.com","crl4.digicert.com","crls.ssl.com","github.com","host.docker.internal","json-schema.org","json.schemastore.org","keyserver.ubuntu.com","ocsp.digicert.com","ocsp.geotrust.com","ocsp.globalsign.com","ocsp.identrust.com","ocsp.sectigo.com","ocsp.ssl.com","ocsp.thawte.com","ocsp.usertrust.com","ocsp.verisign.com","packagecloud.io","packages.cloud.google.com","packages.microsoft.com","ppa.launchpad.net","raw.githubusercontent.com","registry.npmjs.org","s.symcb.com","s.symcd.com","security.ubuntu.com","telemetry.enterprise.githubcopilot.com","ts-crl.ws.symantec.com","ts-ocsp.ws.symantec.com","www.googleapis.com"]},"apiProxy":{"enabled":true,"models":{"auto":["large"],"deep-research":["copilot/deep-research*","copilot/o3-deep-research*","copilot/o4-mini-deep-research*","google/deep-research*","openai/o3-deep-research*","openai/o4-mini-deep-research*"],"gemini-flash":["copilot/gemini-*flash*","google/gemini-*flash*"],"gemini-pro":["copilot/gemini-*pro*","google/gemini-*pro*"],"gpt-4.1":["copilot/gpt-4.1*","openai/gpt-4.1*"],"gpt-5":["copilot/gpt-5*","openai/gpt-5*"],"gpt-5-codex":["copilot/gpt-5*codex*","openai/gpt-5*codex*"],"gpt-5-mini":["copilot/gpt-5*mini*","openai/gpt-5*mini*"],"gpt-5-nano":["copilot/gpt-5*nano*","openai/gpt-5*nano*"],"gpt-5-pro":["copilot/gpt-5*pro*","openai/gpt-5*pro*"],"haiku":["copilot/*haiku*","anthropic/*haiku*"],"large":["sonnet","gpt-5-pro","gpt-5","gemini-pro"],"mini":["haiku","gpt-5-mini","gpt-5-nano","gemini-flash"],"opus":["copilot/*opus*","anthropic/*opus*"],"reasoning":["copilot/o1*","copilot/o3*","copilot/o4*","openai/o1*","openai/o3*","openai/o4*"],"small":["mini"],"sonnet":["copilot/*sonnet*","anthropic/*sonnet*"]}},"container":{"imageTag":"0.25.41,squid=sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4,agent=sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770,api-proxy=sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0,cli-proxy=sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe"}}' > "${RUNNER_TEMP}/gh-aw/awf-config.json" && cp "${RUNNER_TEMP}/gh-aw/awf-config.json" /tmp/gh-aw/awf-config.json + printf '%s\n' '{"$schema":"https://github.com/github/gh-aw-firewall/releases/download/v0.25.41/awf-config.schema.json","network":{"allowDomains":["*.pythonhosted.org","anaconda.org","api.business.githubcopilot.com","api.enterprise.githubcopilot.com","api.github.com","api.githubcopilot.com","api.individual.githubcopilot.com","api.snapcraft.io","archive.ubuntu.com","azure.archive.ubuntu.com","binstar.org","bootstrap.pypa.io","conda.anaconda.org","conda.binstar.org","crl.geotrust.com","crl.globalsign.com","crl.identrust.com","crl.sectigo.com","crl.thawte.com","crl.usertrust.com","crl.verisign.com","crl3.digicert.com","crl4.digicert.com","crls.ssl.com","files.pythonhosted.org","github.com","host.docker.internal","json-schema.org","json.schemastore.org","keyserver.ubuntu.com","ocsp.digicert.com","ocsp.geotrust.com","ocsp.globalsign.com","ocsp.identrust.com","ocsp.sectigo.com","ocsp.ssl.com","ocsp.thawte.com","ocsp.usertrust.com","ocsp.verisign.com","packagecloud.io","packages.cloud.google.com","packages.microsoft.com","pip.pypa.io","ppa.launchpad.net","pypi.org","pypi.python.org","raw.githubusercontent.com","registry.npmjs.org","repo.anaconda.com","repo.continuum.io","s.symcb.com","s.symcd.com","security.ubuntu.com","telemetry.enterprise.githubcopilot.com","ts-crl.ws.symantec.com","ts-ocsp.ws.symantec.com","www.googleapis.com"]},"apiProxy":{"enabled":true,"models":{"auto":["large"],"deep-research":["copilot/deep-research*","copilot/o3-deep-research*","copilot/o4-mini-deep-research*","google/deep-research*","openai/o3-deep-research*","openai/o4-mini-deep-research*"],"gemini-flash":["copilot/gemini-*flash*","google/gemini-*flash*"],"gemini-pro":["copilot/gemini-*pro*","google/gemini-*pro*"],"gpt-4.1":["copilot/gpt-4.1*","openai/gpt-4.1*"],"gpt-5":["copilot/gpt-5*","openai/gpt-5*"],"gpt-5-codex":["copilot/gpt-5*codex*","openai/gpt-5*codex*"],"gpt-5-mini":["copilot/gpt-5*mini*","openai/gpt-5*mini*"],"gpt-5-nano":["copilot/gpt-5*nano*","openai/gpt-5*nano*"],"gpt-5-pro":["copilot/gpt-5*pro*","openai/gpt-5*pro*"],"haiku":["copilot/*haiku*","anthropic/*haiku*"],"large":["sonnet","gpt-5-pro","gpt-5","gemini-pro"],"mini":["haiku","gpt-5-mini","gpt-5-nano","gemini-flash"],"opus":["copilot/*opus*","anthropic/*opus*"],"reasoning":["copilot/o1*","copilot/o3*","copilot/o4*","openai/o1*","openai/o3*","openai/o4*"],"small":["mini"],"sonnet":["copilot/*sonnet*","anthropic/*sonnet*"]}},"container":{"imageTag":"0.25.41,squid=sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4,agent=sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770,api-proxy=sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0,cli-proxy=sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe"}}' > "${RUNNER_TEMP}/gh-aw/awf-config.json" && cp "${RUNNER_TEMP}/gh-aw/awf-config.json" /tmp/gh-aw/awf-config.json # shellcheck disable=SC1003 sudo -E awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" --env-all --exclude-env COPILOT_GITHUB_TOKEN --exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --audit-dir /tmp/gh-aw/sandbox/firewall/audit --enable-host-access --allow-host-ports 80,443,8080 --skip-pull \ -- /bin/bash -c 'export PATH="${RUNNER_TEMP}/gh-aw/mcp-cli/bin:$PATH" && export PATH="$(find /opt/hostedtoolcache /home/runner/work/_tool -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && GH_AW_NODE_EXEC="${GH_AW_NODE_BIN:-}"; if [ -z "$GH_AW_NODE_EXEC" ] || [ ! -x "$GH_AW_NODE_EXEC" ]; then GH_AW_NODE_EXEC="$(command -v node 2>/dev/null || echo node)"; fi; "$GH_AW_NODE_EXEC" ${RUNNER_TEMP}/gh-aw/actions/copilot_harness.cjs /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --no-ask-user --allow-all-tools --allow-all-paths --add-dir "${GITHUB_WORKSPACE}" --prompt-file /tmp/gh-aw/aw-prompts/prompt.txt' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log @@ -909,7 +909,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_SAFE_OUTPUTS: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS }} - GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" + GH_AW_ALLOWED_DOMAINS: "*.pythonhosted.org,anaconda.org,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,files.pythonhosted.org,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.npmjs.org,repo.anaconda.com,repo.continuum.io,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" GITHUB_SERVER_URL: ${{ github.server_url }} GITHUB_API_URL: ${{ github.api_url }} with: @@ -1062,7 +1062,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact @@ -1085,7 +1085,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_NOOP_MAX: "1" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1102,7 +1102,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }} @@ -1120,7 +1120,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_MISSING_TOOL_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1135,7 +1135,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_REPORT_INCOMPLETE_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1150,7 +1150,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1205,7 +1205,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact @@ -1272,8 +1272,8 @@ jobs: if: always() && steps.detection_guard.outputs.run_detection == 'true' uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: - WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" - WORKFLOW_DESCRIPTION: "Daily audit of AI credit spend across all agentic workflows with historical trend tracking" + WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" + WORKFLOW_DESCRIPTION: "Daily audit of AI Credit (AIC) usage across all agentic workflows with historical trend tracking" HAS_PATCH: ${{ needs.agent.outputs.has_patch }} with: script: | @@ -1400,7 +1400,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Checkout repository @@ -1472,7 +1472,7 @@ jobs: GH_AW_ENGINE_VERSION: "1.0.40" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_WORKFLOW_ID: "agentic-token-audit" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" outputs: code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }} code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }} @@ -1491,7 +1491,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact @@ -1522,7 +1522,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} - GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" + GH_AW_ALLOWED_DOMAINS: "*.pythonhosted.org,anaconda.org,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,files.pythonhosted.org,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.npmjs.org,repo.anaconda.com,repo.continuum.io,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" GITHUB_SERVER_URL: ${{ github.server_url }} GITHUB_API_URL: ${{ github.api_url }} GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":true,\"expires\":72,\"max\":1,\"title_prefix\":\"[agentic-token-audit] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{},\"upload_asset\":{\"allowed-exts\":[\".png\",\".jpg\",\".jpeg\",\".svg\"],\"branch\":\"assets/${{ github.workflow }}\",\"max\":5,\"max-size\":10240}}" @@ -1564,7 +1564,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Checkout repository @@ -1618,7 +1618,7 @@ jobs: GH_AW_ASSETS_BRANCH: "assets/${{ github.workflow }}" GH_AW_ASSETS_MAX_SIZE_KB: 10240 GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg,.svg" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_ENGINE_ID: "copilot" GH_AW_ENGINE_VERSION: "1.0.40" diff --git a/.github/workflows/agentic-token-audit.md b/.github/workflows/agentic-token-audit.md index 01ba195..5a4aef9 100644 --- a/.github/workflows/agentic-token-audit.md +++ b/.github/workflows/agentic-token-audit.md @@ -1,5 +1,5 @@ --- -description: Daily audit of AI credit spend across all agentic workflows with historical trend tracking +description: Daily audit of AI Credit (AIC) usage across all agentic workflows with historical trend tracking on: schedule: - cron: "daily around 12:00 on weekdays" @@ -9,6 +9,10 @@ permissions: actions: read issues: read pull-requests: read +network: + allowed: + - defaults + - python tracker-id: agentic-token-audit safe-outputs: create-issue: @@ -25,12 +29,12 @@ tools: - "*" repo-memory: branch-name: "memory/token-audit" - description: "Historical daily workflow token usage snapshots (shared with agentic-token-optimizer)" + description: "Historical daily workflow AIC snapshots (shared with agentic-token-optimizer)" file-glob: ["*.json", "*.jsonl", "*.csv", "*.md"] max-file-size: 102400 max-patch-size: 51200 steps: - - name: Setup Python runtime + - name: Setup Python uses: actions/setup-python@v6.2.0 with: python-version: "3.12" @@ -71,15 +75,15 @@ steps: timeout-minutes: 25 --- -# Daily Agentic Workflow AI Credit Spend Audit +# Daily Agentic Workflow AIC Usage Audit -You are the Agentic Workflow Auditor — a workflow that tracks daily AI credit spend and token consumption across all agentic workflows in this repository and maintains a historical record for trend analysis. +You are the Agentic Workflow Auditor — a workflow that tracks daily AI Credit (AIC) spend and token consumption across all agentic workflows in this repository and maintains a historical record for trend analysis. ## Mission -1. Parse the pre-downloaded agentic workflow logs and compute per-workflow AI credit spend and token usage metrics. +1. Parse the pre-downloaded agentic workflow logs and compute per-workflow AIC spend and token usage metrics. 2. Persist today's snapshot to repo-memory so the optimizer (and future runs of this audit) can read historical data. -3. Publish a concise audit issue summarizing today's AI credit spend and trend highlights. +3. Publish a concise audit issue summarizing today's AIC spend and trend highlights. ## Data Sources @@ -103,9 +107,9 @@ Each element of `.runs` is a `RunData` object with (among others): |---|---|---| | `workflow_name` | string | Human-readable name | | `workflow_path` | string | `.github/workflows/....lock.yml` | -| `ai_credits` | float | AI credits consumed (primary billing metric; 1 AIC = $0.01 USD) | +| `aic` | float | AI Credits (AIC) consumed (primary billing metric; 1 AIC = $0.01 USD) | | `token_usage` | int | Total tokens (`omitempty` — treat missing/null as 0) | -| `effective_tokens` | int | Legacy normalized token metric (deprecated; use `ai_credits` for billing) | +| `effective_tokens` | int | Legacy normalized token metric (deprecated; use `aic` for billing) | | `action_minutes` | float | Billable GitHub Actions minutes | | `turns` | int | Number of agent turns | | `duration` | string | Human-readable duration | @@ -163,7 +167,7 @@ Write a Python script to `/tmp/gh-aw/token-audit/process_audit.py` and run it. T } ``` -Handle null/missing `ai_credits` and `token_usage` by treating them as 0. +Handle null/missing `aic` and `token_usage` by treating them as 0. ## Phase 2 — Persist Snapshot to Repo-Memory @@ -258,7 +262,7 @@ Summarize AI credit, token, and active-workflow changes from `rolling-summary.js ## Important Notes -- Use `// 0` (null coalescing) in jq and `.get(field, 0)` in Python for nullable numeric fields (`ai_credits`, `token_usage`). +- Use `// 0` (null coalescing) in jq and `.get(field, 0)` in Python for nullable numeric fields (`aic`, `token_usage`). - Distinguish between these two cases in the issue: - the raw `.runs` array is empty - the raw `.runs` array is non-empty but none of the runs are `status == "completed"` diff --git a/.github/workflows/agentic-token-optimizer.lock.yml b/.github/workflows/agentic-token-optimizer.lock.yml index e43c16c..1444497 100644 --- a/.github/workflows/agentic-token-optimizer.lock.yml +++ b/.github/workflows/agentic-token-optimizer.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"dfd770dc1d31a475135a4cd261c183f1a5298e934d37c3bbcee0963787c3b449","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6575adb2a95e4d872f1047f1b8768d20038954d7260f149d2e9b68c8ed1a0c71","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} # gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"bc56a0cad2f450c562810785ef38649c04db812a","version":"v0.72.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41","digest":"sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41@sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41","digest":"sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41@sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.41","digest":"sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe","pinned_image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.41@sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41","digest":"sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41@sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.6","digest":"sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.6@sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c"},{"image":"ghcr.io/github/github-mcp-server:v1.0.3","digest":"sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959","pinned_image":"ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959"},{"image":"node:lts-alpine","digest":"sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f","pinned_image":"node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f"}]} # ___ _ _ # / _ \ | | (_) @@ -22,7 +22,7 @@ # # For more information: https://github.github.com/gh-aw/introduction/overview/ # -# Daily optimizer that identifies high-AI-credit-spend agentic workflows, audits their runs, and recommends efficiency improvements including inline sub-agent refactors when warranted +# Daily optimizer that identifies a high-AIC agentic workflow, audits its runs, and recommends efficiency improvements including inline sub-agent refactors when warranted # # Secrets used: # - COPILOT_GITHUB_TOKEN @@ -47,7 +47,7 @@ # - ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959 # - node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f -name: "Agentic Workflow AI Credit Spend Optimizer" +name: "Agentic Workflow AIC Usage Optimizer" "on": schedule: - cron: "22 14 * * 1-5" @@ -65,7 +65,7 @@ permissions: {} concurrency: group: "gh-aw-${{ github.workflow }}" -run-name: "Agentic Workflow AI Credit Spend Optimizer" +run-name: "Agentic Workflow AIC Usage Optimizer" jobs: activation: @@ -90,7 +90,7 @@ jobs: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Generate agentic run info @@ -102,7 +102,7 @@ jobs: GH_AW_INFO_VERSION: "1.0.40" GH_AW_INFO_AGENT_VERSION: "1.0.40" GH_AW_INFO_CLI_VERSION: "v0.72.1" - GH_AW_INFO_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_INFO_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_INFO_EXPERIMENTAL: "false" GH_AW_INFO_SUPPORTS_TOOLS_ALLOWLIST: "true" GH_AW_INFO_STAGED: "false" @@ -184,21 +184,21 @@ jobs: run: | bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh" { - cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' + cat << 'GH_AW_PROMPT_d789fdfb9e89a466_EOF' - GH_AW_PROMPT_90fefde78ed6eadd_EOF + GH_AW_PROMPT_d789fdfb9e89a466_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' + cat << 'GH_AW_PROMPT_d789fdfb9e89a466_EOF' Tools: create_issue, missing_tool, missing_data, noop - GH_AW_PROMPT_90fefde78ed6eadd_EOF + GH_AW_PROMPT_d789fdfb9e89a466_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md" - cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' + cat << 'GH_AW_PROMPT_d789fdfb9e89a466_EOF' The following GitHub context information is available for this workflow: {{#if __GH_AW_GITHUB_ACTOR__ }} @@ -227,12 +227,12 @@ jobs: {{/if}} - GH_AW_PROMPT_90fefde78ed6eadd_EOF + GH_AW_PROMPT_d789fdfb9e89a466_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' + cat << 'GH_AW_PROMPT_d789fdfb9e89a466_EOF' {{#runtime-import .github/workflows/agentic-token-optimizer.md}} - GH_AW_PROMPT_90fefde78ed6eadd_EOF + GH_AW_PROMPT_d789fdfb9e89a466_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 @@ -261,7 +261,7 @@ jobs: GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools' GH_AW_MEMORY_BRANCH_NAME: 'memory/token-audit' GH_AW_MEMORY_CONSTRAINTS: "\n\n**Constraints:**\n- **Allowed Files**: Only files matching patterns: *.json, *.jsonl, *.csv, *.md\n- **Max File Size**: 102400 bytes (0.10 MB) per file\n- **Max File Count**: 100 files per commit\n- **Max Patch Size**: 51200 bytes (50 KB) total per push (max: 100 KB)\n" - GH_AW_MEMORY_DESCRIPTION: ' Historical daily workflow token usage snapshots (shared with agentic-token-audit)' + GH_AW_MEMORY_DESCRIPTION: ' Historical daily workflow AIC snapshots (shared with agentic-token-audit)' GH_AW_MEMORY_DIR: '/tmp/gh-aw/repo-memory/default/' GH_AW_MEMORY_TARGET_REPO: ' of the current repository' GH_AW_WIKI_NOTE: '' @@ -358,7 +358,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Set runtime paths @@ -383,8 +383,8 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} name: Download recent agentic workflow logs run: "set -euo pipefail\nmkdir -p /tmp/gh-aw/token-audit\n\necho \"đŸ“Ĩ Downloading agentic workflow logs (last 7 days)...\"\n\nLOGS_EXIT=0\ngh aw logs \\\n --start-date -7d \\\n --json \\\n -c 50 \\\n > /tmp/gh-aw/token-audit/all-runs.json || LOGS_EXIT=$?\n\nif [ -s /tmp/gh-aw/token-audit/all-runs.json ]; then\n TOTAL=$(jq '.runs | length' /tmp/gh-aw/token-audit/all-runs.json)\n echo \"✅ Downloaded $TOTAL agentic workflow runs (last 7 days)\"\n if [ \"$LOGS_EXIT\" -ne 0 ]; then\n echo \"⚠ī¸ gh aw logs exited with code $LOGS_EXIT (partial results — likely API rate limit)\"\n fi\nelse\n echo \"❌ No log data downloaded (exit code $LOGS_EXIT)\"\n echo '{\"runs\":[],\"summary\":{}}' > /tmp/gh-aw/token-audit/all-runs.json\nfi\n" - - name: Aggregate top workflows by token usage - run: "set -euo pipefail\nmkdir -p /tmp/gh-aw/token-audit\n\njq '{\n generated_at: (now | todateiso8601),\n window_days: 7,\n top_workflows: (\n [.runs[]\n | select(.status == \"completed\")\n | {\n workflow_name: .workflow_name,\n ai_credits: (.ai_credits // 0),\n tokens: (.token_usage // 0),\n turns: (.turns // 0),\n action_minutes: (.action_minutes // 0)\n }\n ]\n | group_by(.workflow_name)\n | map({\n workflow_name: .[0].workflow_name,\n run_count: length,\n total_ai_credits: (map(.ai_credits) | add),\n avg_ai_credits: ((map(.ai_credits) | add) / length),\n total_tokens: (map(.tokens) | add),\n avg_tokens: ((map(.tokens) | add) / length),\n total_turns: (map(.turns) | add),\n total_action_minutes: (map(.action_minutes) | add)\n })\n | sort_by(.total_ai_credits)\n | reverse\n | .[:10]\n )\n}' /tmp/gh-aw/token-audit/all-runs.json > /tmp/gh-aw/token-audit/top-workflows.json\n\necho \"✅ Generated top workflow summary at /tmp/gh-aw/token-audit/top-workflows.json\"\njq '.top_workflows' /tmp/gh-aw/token-audit/top-workflows.json\n" + - name: Aggregate top workflows by AIC usage + run: "set -euo pipefail\nmkdir -p /tmp/gh-aw/token-audit\n\njq '{\n generated_at: (now | todateiso8601),\n window_days: 7,\n top_workflows: (\n [.runs[]\n | select(.status == \"completed\")\n | {\n workflow_name: .workflow_name,\n ai_credits: (.aic // 0),\n tokens: (.token_usage // 0),\n turns: (.turns // 0),\n action_minutes: (.action_minutes // 0)\n }\n ]\n | group_by(.workflow_name)\n | map({\n workflow_name: .[0].workflow_name,\n run_count: length,\n total_ai_credits: (map(.ai_credits) | add),\n avg_ai_credits: ((map(.ai_credits) | add) / length),\n total_tokens: (map(.tokens) | add),\n avg_tokens: ((map(.tokens) | add) / length),\n total_turns: (map(.turns) | add),\n total_action_minutes: (map(.action_minutes) | add)\n })\n | sort_by(.total_ai_credits)\n | reverse\n | .[:10]\n )\n}' /tmp/gh-aw/token-audit/all-runs.json > /tmp/gh-aw/token-audit/top-workflows.json\n\necho \"✅ Generated top workflow summary at /tmp/gh-aw/token-audit/top-workflows.json\"\njq '.top_workflows' /tmp/gh-aw/token-audit/top-workflows.json\n" - name: Load optimization history run: "set -euo pipefail\n\nOPT_LOG=\"/tmp/gh-aw/repo-memory/default/optimization-log.json\"\nif [ -f \"$OPT_LOG\" ]; then\n echo \"✅ Previous optimizations:\"\n jq -r '.[] | \"\\(.date): \\(.workflow_name)\"' \"$OPT_LOG\"\nelse\n echo \"ℹī¸ No previous optimization history found.\"\nfi\n" @@ -464,9 +464,9 @@ jobs: mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs" mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_ef0d3b018e7ec638_EOF' + cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_6933ed503367a1e3_EOF' {"create_issue":{"close_older_issues":true,"expires":168,"max":1,"title_prefix":"[agentic-token-optimizer] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":51200}]},"report_incomplete":{}} - GH_AW_SAFE_OUTPUTS_CONFIG_ef0d3b018e7ec638_EOF + GH_AW_SAFE_OUTPUTS_CONFIG_6933ed503367a1e3_EOF - name: Generate Safe Outputs Tools env: GH_AW_TOOLS_META_JSON: | @@ -663,7 +663,7 @@ jobs: mkdir -p /home/runner/.copilot GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_0bc1a6b5c23561cc_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_785ae819de11c730_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { "safeoutputs": { @@ -688,7 +688,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_0bc1a6b5c23561cc_EOF + GH_AW_MCP_CONFIG_785ae819de11c730_EOF - name: Mount MCP servers as CLIs id: mount-mcp-clis continue-on-error: true @@ -964,7 +964,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact @@ -987,7 +987,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_NOOP_MAX: "1" - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1005,7 +1005,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_MISSING_TOOL_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1020,7 +1020,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_REPORT_INCOMPLETE_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1035,7 +1035,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1092,7 +1092,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Checkout repository @@ -1161,7 +1161,7 @@ jobs: GH_AW_ENGINE_VERSION: "1.0.40" GH_AW_TRACKER_ID: "agentic-token-optimizer" GH_AW_WORKFLOW_ID: "agentic-token-optimizer" - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" outputs: code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }} code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }} @@ -1180,7 +1180,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact diff --git a/.github/workflows/agentic-token-optimizer.md b/.github/workflows/agentic-token-optimizer.md index 9055938..6117f5e 100644 --- a/.github/workflows/agentic-token-optimizer.md +++ b/.github/workflows/agentic-token-optimizer.md @@ -1,5 +1,5 @@ --- -description: Daily optimizer that identifies high-AI-credit-spend agentic workflows, audits their runs, and recommends efficiency improvements including inline sub-agent refactors when warranted +description: Daily optimizer that identifies a high-AIC agentic workflow, audits its runs, and recommends efficiency improvements including inline sub-agent refactors when warranted on: schedule: - cron: "daily around 14:00 on weekdays" @@ -18,7 +18,7 @@ tools: - "*" repo-memory: branch-name: "memory/token-audit" - description: "Historical daily workflow token usage snapshots (shared with agentic-token-audit)" + description: "Historical daily workflow AIC snapshots (shared with agentic-token-audit)" file-glob: ["*.json", "*.jsonl", "*.csv", "*.md"] max-file-size: 102400 max-patch-size: 51200 @@ -58,7 +58,7 @@ steps: echo '{"runs":[],"summary":{}}' > /tmp/gh-aw/token-audit/all-runs.json fi - - name: Aggregate top workflows by token usage + - name: Aggregate top workflows by AIC usage run: | set -euo pipefail mkdir -p /tmp/gh-aw/token-audit @@ -71,7 +71,7 @@ steps: | select(.status == "completed") | { workflow_name: .workflow_name, - ai_credits: (.ai_credits // 0), + ai_credits: (.aic // 0), tokens: (.token_usage // 0), turns: (.turns // 0), action_minutes: (.action_minutes // 0) @@ -110,14 +110,14 @@ steps: fi --- -# Agentic Workflow AI Credit Spend Optimizer +# Agentic Workflow AIC Usage Optimizer -You are the Agentic Workflow Optimizer. Pick one high-AI-credit-spend workflow, audit recent runs, and create a conservative optimization issue with measurable improvements. Your recommendations may include prompt, tool, reliability, setup-prefix, and inline sub-agent improvements when the evidence supports them. +You are the Agentic Workflow Optimizer. Pick one high-AIC workflow, audit recent runs, and create a conservative optimization issue with measurable improvements. Your recommendations may include prompt, tool, reliability, setup-prefix, and inline sub-agent improvements when the evidence supports them. ## Objectives 1. Select one workflow using repo-memory and pre-aggregated data. -2. Analyze tokens, turns, errors, tool usage patterns, and prompt structure across multiple runs. +2. Analyze AIC, tokens, turns, errors, tool usage patterns, and prompt structure across multiple runs. 3. Propose safe, high-impact optimizations with evidence, including inline sub-agent refactors only when they are a clear fit. 4. Publish one issue and update optimization history. @@ -151,11 +151,11 @@ Prefer `--jq` on `gh api` calls over a separate `| jq` step when the filter is s ## Data Inputs - `/tmp/gh-aw/token-audit/all-runs.json`: full 7-day run data (`gh aw logs --json`). -- `/tmp/gh-aw/token-audit/top-workflows.json`: pre-aggregated top 10 workflows by total AI credits. +- `/tmp/gh-aw/token-audit/top-workflows.json`: pre-aggregated top 10 workflows by total AIC. - `/tmp/gh-aw/repo-memory/default/YYYY-MM-DD.json`: daily audit snapshots. - `/tmp/gh-aw/repo-memory/default/optimization-log.json`: prior optimizations (if present). -Treat missing numeric fields (`ai_credits`, `token_usage`, `turns`, `action_minutes`) as `0`. +Treat missing numeric fields (`aic`, `token_usage`, `turns`, `action_minutes`) as `0`. ## Phase 1 — Select Target @@ -168,7 +168,7 @@ Treat missing numeric fields (`ai_credits`, `token_usage`, `turns`, `action_minu Then collect run-level data for the selected workflow: - run count -- total and average AI credits +- total and average AIC - total and average tokens - total and average turns - conclusions/error patterns @@ -180,8 +180,8 @@ Use this compact analysis matrix: | Area | Required checks | Output | |---|---|---| | Tool usage | Compare configured tools from workflow source vs observed usage across multiple runs | Keep / Consider removing / Remove | -| AI credit spend | Evaluate AI credits, token totals, cache efficiency, turns | Top spend drivers | -| Reliability | Repeated errors, warnings, retries, missing tools | AI credit waste from failures | +| AI credit spend | Evaluate AIC, token totals, cache efficiency, turns | Top spend drivers | +| Reliability | Repeated errors, warnings, retries, missing tools | AIC waste from failures | | Prompt efficiency | Redundant instructions, overlong sections, avoidable iteration | Prompt reduction opportunities | | Structural optimization | Repeated setup/tool-call prefixes and sections suited for inline sub-agents | Extract setup / Add sub-agent / Keep in main agent | @@ -283,10 +283,10 @@ Create one issue with: - **Target workflow + reason selected** - **Analysis period + runs analyzed** -- **Spend profile table** (total AI credits, avg AI credits/run, total tokens, avg turns/run, cache efficiency) +- **Spend profile table** (total AIC, avg AIC/run, total tokens, avg turns/run, cache efficiency) - **Ranked recommendations** with: - title - - estimated AI credit savings per run + - estimated AIC savings per run - concrete action - evidence from observed runs - **Optional structural optimizations** for shared setup prefixes and inline sub-agents when supported by the analysis @@ -304,7 +304,7 @@ Create one issue with: Append one entry to `/tmp/gh-aw/repo-memory/default/optimization-log.json`: -`{"date":"YYYY-MM-DD","workflow_name":"...","total_ai_credits_analyzed":F,"total_tokens_analyzed":N,"runs_audited":N,"recommendations_count":N,"subagent_candidates":N,"estimated_ai_credit_savings_per_run":F}` +`{"date":"YYYY-MM-DD","workflow_name":"...","total_ai_credits_analyzed":F,"total_tokens_analyzed":N,"runs_audited":N,"recommendations_count":N,"subagent_candidates":N,"estimated_aic_savings_per_run":F}` Use `subagent_candidates` for the count of inline sub-agent candidates you actually recommend in the issue body. diff --git a/README.md b/README.md index f63a406..f8b7134 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ It is built for platform engineers, developer productivity teams, and repository ## Key Features - **Clear operational visibility** with a daily audit that captures AI credit spend, usage trends, and workflow-level hotspots. -- **Actionable optimization guidance** that identifies high-AI-credit-spend workflows and proposes safe, conservative improvements. +- **Actionable optimization guidance** that identifies high-AIC workflows and proposes safe, conservative improvements. - **Faster efficiency improvements** by helping teams find waste before it becomes recurring operational overhead. - **Built for real GitHub workflows** using GitHub Agentic Workflows, so installation and adoption fit naturally into existing repositories. - **Useful historical context** through shared snapshots that support trend analysis instead of one-off debugging. @@ -50,8 +50,8 @@ Included workflows: | Workflow | What it does | | ----- | --- | -| [`Daily Agentic Workflow AI Credit Spend Audit`](https://github.com/githubnext/agentic-ops/blob/main/workflows/agentic-token-audit.md?plain=1) | Collects recent agentic workflow usage and creates a daily AI credit spend snapshot. | -| [`Agentic Workflow AI Credit Spend Optimizer`](https://github.com/githubnext/agentic-ops/blob/main/workflows/agentic-token-optimizer.md?plain=1) | Analyzes high-AI-credit-spend workflows and proposes conservative efficiency changes, including inline sub-agent opportunities when they are a strong fit. | +| [`Daily Agentic Workflow AIC Usage Audit`](https://github.com/githubnext/agentic-ops/blob/main/workflows/agentic-token-audit.md?plain=1) | Collects recent agentic workflow usage and creates a daily AIC spend snapshot. | +| [`Agentic Workflow AIC Usage Optimizer`](https://github.com/githubnext/agentic-ops/blob/main/workflows/agentic-token-optimizer.md?plain=1) | Analyzes high-AIC workflows and proposes conservative efficiency changes, including inline sub-agent opportunities when they are a strong fit. | ## License diff --git a/workflows/agentic-token-audit.lock.yml b/workflows/agentic-token-audit.lock.yml index c66e81d..4b89917 100644 --- a/workflows/agentic-token-audit.lock.yml +++ b/workflows/agentic-token-audit.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"66dccb22aa5d77d4f0ff85f7fb628d8d18ec190e409785d5237280d570cb7788","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a4b06c24463fb7c45698b1f55812de418f28b1b1dc347d4560bc9f9d95e57d55","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} # gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/setup-python","sha":"a309ff8b426b58ec0e2a45f0f869d46889d02405","version":"v6.2.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"bc56a0cad2f450c562810785ef38649c04db812a","version":"v0.72.1"}],"containers":[{"image":"alpine:latest","digest":"sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11","pinned_image":"alpine:latest@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11"},{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41","digest":"sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41@sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41","digest":"sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41@sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41","digest":"sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41@sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.6","digest":"sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.6@sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c"},{"image":"ghcr.io/github/github-mcp-server:v1.0.3","digest":"sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959","pinned_image":"ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959"},{"image":"node:lts-alpine","digest":"sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f","pinned_image":"node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f"}]} # ___ _ _ # / _ \ | | (_) @@ -22,7 +22,7 @@ # # For more information: https://github.github.com/gh-aw/introduction/overview/ # -# Daily audit of AI credit spend across all agentic workflows with historical trend tracking +# Daily audit of AI Credit (AIC) usage across all agentic workflows with historical trend tracking # # Secrets used: # - COPILOT_GITHUB_TOKEN @@ -49,7 +49,7 @@ # - ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959 # - node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f -name: "Daily Agentic Workflow AI Credit Spend Audit" +name: "Daily Agentic Workflow AIC Usage Audit" "on": schedule: - cron: "40 12 * * 1-5" @@ -67,7 +67,7 @@ permissions: {} concurrency: group: "gh-aw-${{ github.workflow }}" -run-name: "Daily Agentic Workflow AI Credit Spend Audit" +run-name: "Daily Agentic Workflow AIC Usage Audit" jobs: activation: @@ -92,7 +92,7 @@ jobs: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Generate agentic run info @@ -104,11 +104,11 @@ jobs: GH_AW_INFO_VERSION: "1.0.40" GH_AW_INFO_AGENT_VERSION: "1.0.40" GH_AW_INFO_CLI_VERSION: "v0.72.1" - GH_AW_INFO_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_INFO_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_INFO_EXPERIMENTAL: "false" GH_AW_INFO_SUPPORTS_TOOLS_ALLOWLIST: "true" GH_AW_INFO_STAGED: "false" - GH_AW_INFO_ALLOWED_DOMAINS: '["defaults"]' + GH_AW_INFO_ALLOWED_DOMAINS: '["defaults","python"]' GH_AW_INFO_FIREWALL_ENABLED: "true" GH_AW_INFO_AWF_VERSION: "v0.25.41" GH_AW_INFO_AWMG_VERSION: "" @@ -186,24 +186,24 @@ jobs: run: | bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh" { - cat << 'GH_AW_PROMPT_9d3e38a26947955a_EOF' + cat << 'GH_AW_PROMPT_9472b82cb762629a_EOF' - GH_AW_PROMPT_9d3e38a26947955a_EOF + GH_AW_PROMPT_9472b82cb762629a_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md" cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_9d3e38a26947955a_EOF' + cat << 'GH_AW_PROMPT_9472b82cb762629a_EOF' Tools: create_issue, upload_asset(max:5), missing_tool, missing_data, noop upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs). - GH_AW_PROMPT_9d3e38a26947955a_EOF + GH_AW_PROMPT_9472b82cb762629a_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md" - cat << 'GH_AW_PROMPT_9d3e38a26947955a_EOF' + cat << 'GH_AW_PROMPT_9472b82cb762629a_EOF' The following GitHub context information is available for this workflow: {{#if __GH_AW_GITHUB_ACTOR__ }} @@ -232,12 +232,12 @@ jobs: {{/if}} - GH_AW_PROMPT_9d3e38a26947955a_EOF + GH_AW_PROMPT_9472b82cb762629a_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_9d3e38a26947955a_EOF' + cat << 'GH_AW_PROMPT_9472b82cb762629a_EOF' {{#runtime-import agentic-token-audit.md}} - GH_AW_PROMPT_9d3e38a26947955a_EOF + GH_AW_PROMPT_9472b82cb762629a_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 @@ -266,7 +266,7 @@ jobs: GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools' GH_AW_MEMORY_BRANCH_NAME: 'memory/token-audit' GH_AW_MEMORY_CONSTRAINTS: "\n\n**Constraints:**\n- **Allowed Files**: Only files matching patterns: *.json, *.jsonl, *.csv, *.md\n- **Max File Size**: 102400 bytes (0.10 MB) per file\n- **Max File Count**: 100 files per commit\n- **Max Patch Size**: 51200 bytes (50 KB) total per push (max: 100 KB)\n" - GH_AW_MEMORY_DESCRIPTION: ' Historical daily workflow token usage snapshots (shared with agentic-token-optimizer)' + GH_AW_MEMORY_DESCRIPTION: ' Historical daily workflow AIC snapshots (shared with agentic-token-optimizer)' GH_AW_MEMORY_DIR: '/tmp/gh-aw/repo-memory/default/' GH_AW_MEMORY_TARGET_REPO: ' of the current repository' GH_AW_WIKI_NOTE: '' @@ -363,7 +363,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Set runtime paths @@ -384,7 +384,7 @@ jobs: run: bash "${RUNNER_TEMP}/gh-aw/actions/configure_gh_for_ghe.sh" env: GH_TOKEN: ${{ github.token }} - - name: Setup Python runtime + - name: Setup Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.12" @@ -505,9 +505,9 @@ jobs: mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs" mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << GH_AW_SAFE_OUTPUTS_CONFIG_fc5427ce94cc54e5_EOF + cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << GH_AW_SAFE_OUTPUTS_CONFIG_3b6ca9f5acfde28d_EOF {"create_issue":{"close_older_issues":true,"expires":72,"max":1,"title_prefix":"[agentic-token-audit] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":51200}]},"report_incomplete":{},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg",".svg"],"branch":"assets/${GITHUB_WORKFLOW}","max":5,"max-size":10240}} - GH_AW_SAFE_OUTPUTS_CONFIG_fc5427ce94cc54e5_EOF + GH_AW_SAFE_OUTPUTS_CONFIG_3b6ca9f5acfde28d_EOF - name: Generate Safe Outputs Tools env: GH_AW_TOOLS_META_JSON: | @@ -721,7 +721,7 @@ jobs: mkdir -p /home/runner/.copilot GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_b5608ebb55ab9219_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_8ff2b9231c74daa4_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { "agenticworkflows": { @@ -783,7 +783,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_b5608ebb55ab9219_EOF + GH_AW_MCP_CONFIG_8ff2b9231c74daa4_EOF - name: Mount MCP servers as CLIs id: mount-mcp-clis continue-on-error: true @@ -815,7 +815,7 @@ jobs: GH_AW_NODE_BIN=$(command -v node 2>/dev/null || true) export GH_AW_NODE_BIN (umask 177 && touch /tmp/gh-aw/agent-stdio.log) - printf '%s\n' '{"$schema":"https://github.com/github/gh-aw-firewall/releases/download/v0.25.41/awf-config.schema.json","network":{"allowDomains":["api.business.githubcopilot.com","api.enterprise.githubcopilot.com","api.github.com","api.githubcopilot.com","api.individual.githubcopilot.com","api.snapcraft.io","archive.ubuntu.com","azure.archive.ubuntu.com","crl.geotrust.com","crl.globalsign.com","crl.identrust.com","crl.sectigo.com","crl.thawte.com","crl.usertrust.com","crl.verisign.com","crl3.digicert.com","crl4.digicert.com","crls.ssl.com","github.com","host.docker.internal","json-schema.org","json.schemastore.org","keyserver.ubuntu.com","ocsp.digicert.com","ocsp.geotrust.com","ocsp.globalsign.com","ocsp.identrust.com","ocsp.sectigo.com","ocsp.ssl.com","ocsp.thawte.com","ocsp.usertrust.com","ocsp.verisign.com","packagecloud.io","packages.cloud.google.com","packages.microsoft.com","ppa.launchpad.net","raw.githubusercontent.com","registry.npmjs.org","s.symcb.com","s.symcd.com","security.ubuntu.com","telemetry.enterprise.githubcopilot.com","ts-crl.ws.symantec.com","ts-ocsp.ws.symantec.com","www.googleapis.com"]},"apiProxy":{"enabled":true,"models":{"auto":["large"],"deep-research":["copilot/deep-research*","copilot/o3-deep-research*","copilot/o4-mini-deep-research*","google/deep-research*","openai/o3-deep-research*","openai/o4-mini-deep-research*"],"gemini-flash":["copilot/gemini-*flash*","google/gemini-*flash*"],"gemini-pro":["copilot/gemini-*pro*","google/gemini-*pro*"],"gpt-4.1":["copilot/gpt-4.1*","openai/gpt-4.1*"],"gpt-5":["copilot/gpt-5*","openai/gpt-5*"],"gpt-5-codex":["copilot/gpt-5*codex*","openai/gpt-5*codex*"],"gpt-5-mini":["copilot/gpt-5*mini*","openai/gpt-5*mini*"],"gpt-5-nano":["copilot/gpt-5*nano*","openai/gpt-5*nano*"],"gpt-5-pro":["copilot/gpt-5*pro*","openai/gpt-5*pro*"],"haiku":["copilot/*haiku*","anthropic/*haiku*"],"large":["sonnet","gpt-5-pro","gpt-5","gemini-pro"],"mini":["haiku","gpt-5-mini","gpt-5-nano","gemini-flash"],"opus":["copilot/*opus*","anthropic/*opus*"],"reasoning":["copilot/o1*","copilot/o3*","copilot/o4*","openai/o1*","openai/o3*","openai/o4*"],"small":["mini"],"sonnet":["copilot/*sonnet*","anthropic/*sonnet*"]}},"container":{"imageTag":"0.25.41,squid=sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4,agent=sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770,api-proxy=sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0,cli-proxy=sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe"}}' > "${RUNNER_TEMP}/gh-aw/awf-config.json" && cp "${RUNNER_TEMP}/gh-aw/awf-config.json" /tmp/gh-aw/awf-config.json + printf '%s\n' '{"$schema":"https://github.com/github/gh-aw-firewall/releases/download/v0.25.41/awf-config.schema.json","network":{"allowDomains":["*.pythonhosted.org","anaconda.org","api.business.githubcopilot.com","api.enterprise.githubcopilot.com","api.github.com","api.githubcopilot.com","api.individual.githubcopilot.com","api.snapcraft.io","archive.ubuntu.com","azure.archive.ubuntu.com","binstar.org","bootstrap.pypa.io","conda.anaconda.org","conda.binstar.org","crl.geotrust.com","crl.globalsign.com","crl.identrust.com","crl.sectigo.com","crl.thawte.com","crl.usertrust.com","crl.verisign.com","crl3.digicert.com","crl4.digicert.com","crls.ssl.com","files.pythonhosted.org","github.com","host.docker.internal","json-schema.org","json.schemastore.org","keyserver.ubuntu.com","ocsp.digicert.com","ocsp.geotrust.com","ocsp.globalsign.com","ocsp.identrust.com","ocsp.sectigo.com","ocsp.ssl.com","ocsp.thawte.com","ocsp.usertrust.com","ocsp.verisign.com","packagecloud.io","packages.cloud.google.com","packages.microsoft.com","pip.pypa.io","ppa.launchpad.net","pypi.org","pypi.python.org","raw.githubusercontent.com","registry.npmjs.org","repo.anaconda.com","repo.continuum.io","s.symcb.com","s.symcd.com","security.ubuntu.com","telemetry.enterprise.githubcopilot.com","ts-crl.ws.symantec.com","ts-ocsp.ws.symantec.com","www.googleapis.com"]},"apiProxy":{"enabled":true,"models":{"auto":["large"],"deep-research":["copilot/deep-research*","copilot/o3-deep-research*","copilot/o4-mini-deep-research*","google/deep-research*","openai/o3-deep-research*","openai/o4-mini-deep-research*"],"gemini-flash":["copilot/gemini-*flash*","google/gemini-*flash*"],"gemini-pro":["copilot/gemini-*pro*","google/gemini-*pro*"],"gpt-4.1":["copilot/gpt-4.1*","openai/gpt-4.1*"],"gpt-5":["copilot/gpt-5*","openai/gpt-5*"],"gpt-5-codex":["copilot/gpt-5*codex*","openai/gpt-5*codex*"],"gpt-5-mini":["copilot/gpt-5*mini*","openai/gpt-5*mini*"],"gpt-5-nano":["copilot/gpt-5*nano*","openai/gpt-5*nano*"],"gpt-5-pro":["copilot/gpt-5*pro*","openai/gpt-5*pro*"],"haiku":["copilot/*haiku*","anthropic/*haiku*"],"large":["sonnet","gpt-5-pro","gpt-5","gemini-pro"],"mini":["haiku","gpt-5-mini","gpt-5-nano","gemini-flash"],"opus":["copilot/*opus*","anthropic/*opus*"],"reasoning":["copilot/o1*","copilot/o3*","copilot/o4*","openai/o1*","openai/o3*","openai/o4*"],"small":["mini"],"sonnet":["copilot/*sonnet*","anthropic/*sonnet*"]}},"container":{"imageTag":"0.25.41,squid=sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4,agent=sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770,api-proxy=sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0,cli-proxy=sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe"}}' > "${RUNNER_TEMP}/gh-aw/awf-config.json" && cp "${RUNNER_TEMP}/gh-aw/awf-config.json" /tmp/gh-aw/awf-config.json # shellcheck disable=SC1003 sudo -E awf --config "${RUNNER_TEMP}/gh-aw/awf-config.json" --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" --env-all --exclude-env COPILOT_GITHUB_TOKEN --exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --audit-dir /tmp/gh-aw/sandbox/firewall/audit --enable-host-access --allow-host-ports 80,443,8080 --skip-pull \ -- /bin/bash -c 'export PATH="${RUNNER_TEMP}/gh-aw/mcp-cli/bin:$PATH" && export PATH="$(find /opt/hostedtoolcache /home/runner/work/_tool -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && GH_AW_NODE_EXEC="${GH_AW_NODE_BIN:-}"; if [ -z "$GH_AW_NODE_EXEC" ] || [ ! -x "$GH_AW_NODE_EXEC" ]; then GH_AW_NODE_EXEC="$(command -v node 2>/dev/null || echo node)"; fi; "$GH_AW_NODE_EXEC" ${RUNNER_TEMP}/gh-aw/actions/copilot_harness.cjs /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --no-ask-user --allow-all-tools --allow-all-paths --add-dir "${GITHUB_WORKSPACE}" --prompt-file /tmp/gh-aw/aw-prompts/prompt.txt' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log @@ -909,7 +909,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_SAFE_OUTPUTS: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS }} - GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" + GH_AW_ALLOWED_DOMAINS: "*.pythonhosted.org,anaconda.org,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,files.pythonhosted.org,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.npmjs.org,repo.anaconda.com,repo.continuum.io,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" GITHUB_SERVER_URL: ${{ github.server_url }} GITHUB_API_URL: ${{ github.api_url }} with: @@ -1062,7 +1062,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact @@ -1085,7 +1085,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_NOOP_MAX: "1" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1102,7 +1102,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }} @@ -1120,7 +1120,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_MISSING_TOOL_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1135,7 +1135,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_REPORT_INCOMPLETE_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1150,7 +1150,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1205,7 +1205,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact @@ -1272,8 +1272,8 @@ jobs: if: always() && steps.detection_guard.outputs.run_detection == 'true' uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: - WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" - WORKFLOW_DESCRIPTION: "Daily audit of AI credit spend across all agentic workflows with historical trend tracking" + WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" + WORKFLOW_DESCRIPTION: "Daily audit of AI Credit (AIC) usage across all agentic workflows with historical trend tracking" HAS_PATCH: ${{ needs.agent.outputs.has_patch }} with: script: | @@ -1400,7 +1400,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Checkout repository @@ -1472,7 +1472,7 @@ jobs: GH_AW_ENGINE_VERSION: "1.0.40" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_WORKFLOW_ID: "agentic-token-audit" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" outputs: code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }} code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }} @@ -1491,7 +1491,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact @@ -1522,7 +1522,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} - GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" + GH_AW_ALLOWED_DOMAINS: "*.pythonhosted.org,anaconda.org,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,binstar.org,bootstrap.pypa.io,conda.anaconda.org,conda.binstar.org,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,files.pythonhosted.org,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pip.pypa.io,ppa.launchpad.net,pypi.org,pypi.python.org,raw.githubusercontent.com,registry.npmjs.org,repo.anaconda.com,repo.continuum.io,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" GITHUB_SERVER_URL: ${{ github.server_url }} GITHUB_API_URL: ${{ github.api_url }} GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"close_older_issues\":true,\"expires\":72,\"max\":1,\"title_prefix\":\"[agentic-token-audit] \"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{},\"upload_asset\":{\"allowed-exts\":[\".png\",\".jpg\",\".jpeg\",\".svg\"],\"branch\":\"assets/${{ github.workflow }}\",\"max\":5,\"max-size\":10240}}" @@ -1564,7 +1564,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Checkout repository @@ -1618,7 +1618,7 @@ jobs: GH_AW_ASSETS_BRANCH: "assets/${{ github.workflow }}" GH_AW_ASSETS_MAX_SIZE_KB: 10240 GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg,.svg" - GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AI Credit Spend Audit" + GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow AIC Usage Audit" GH_AW_TRACKER_ID: "agentic-token-audit" GH_AW_ENGINE_ID: "copilot" GH_AW_ENGINE_VERSION: "1.0.40" diff --git a/workflows/agentic-token-audit.md b/workflows/agentic-token-audit.md index 01ba195..5a4aef9 100644 --- a/workflows/agentic-token-audit.md +++ b/workflows/agentic-token-audit.md @@ -1,5 +1,5 @@ --- -description: Daily audit of AI credit spend across all agentic workflows with historical trend tracking +description: Daily audit of AI Credit (AIC) usage across all agentic workflows with historical trend tracking on: schedule: - cron: "daily around 12:00 on weekdays" @@ -9,6 +9,10 @@ permissions: actions: read issues: read pull-requests: read +network: + allowed: + - defaults + - python tracker-id: agentic-token-audit safe-outputs: create-issue: @@ -25,12 +29,12 @@ tools: - "*" repo-memory: branch-name: "memory/token-audit" - description: "Historical daily workflow token usage snapshots (shared with agentic-token-optimizer)" + description: "Historical daily workflow AIC snapshots (shared with agentic-token-optimizer)" file-glob: ["*.json", "*.jsonl", "*.csv", "*.md"] max-file-size: 102400 max-patch-size: 51200 steps: - - name: Setup Python runtime + - name: Setup Python uses: actions/setup-python@v6.2.0 with: python-version: "3.12" @@ -71,15 +75,15 @@ steps: timeout-minutes: 25 --- -# Daily Agentic Workflow AI Credit Spend Audit +# Daily Agentic Workflow AIC Usage Audit -You are the Agentic Workflow Auditor — a workflow that tracks daily AI credit spend and token consumption across all agentic workflows in this repository and maintains a historical record for trend analysis. +You are the Agentic Workflow Auditor — a workflow that tracks daily AI Credit (AIC) spend and token consumption across all agentic workflows in this repository and maintains a historical record for trend analysis. ## Mission -1. Parse the pre-downloaded agentic workflow logs and compute per-workflow AI credit spend and token usage metrics. +1. Parse the pre-downloaded agentic workflow logs and compute per-workflow AIC spend and token usage metrics. 2. Persist today's snapshot to repo-memory so the optimizer (and future runs of this audit) can read historical data. -3. Publish a concise audit issue summarizing today's AI credit spend and trend highlights. +3. Publish a concise audit issue summarizing today's AIC spend and trend highlights. ## Data Sources @@ -103,9 +107,9 @@ Each element of `.runs` is a `RunData` object with (among others): |---|---|---| | `workflow_name` | string | Human-readable name | | `workflow_path` | string | `.github/workflows/....lock.yml` | -| `ai_credits` | float | AI credits consumed (primary billing metric; 1 AIC = $0.01 USD) | +| `aic` | float | AI Credits (AIC) consumed (primary billing metric; 1 AIC = $0.01 USD) | | `token_usage` | int | Total tokens (`omitempty` — treat missing/null as 0) | -| `effective_tokens` | int | Legacy normalized token metric (deprecated; use `ai_credits` for billing) | +| `effective_tokens` | int | Legacy normalized token metric (deprecated; use `aic` for billing) | | `action_minutes` | float | Billable GitHub Actions minutes | | `turns` | int | Number of agent turns | | `duration` | string | Human-readable duration | @@ -163,7 +167,7 @@ Write a Python script to `/tmp/gh-aw/token-audit/process_audit.py` and run it. T } ``` -Handle null/missing `ai_credits` and `token_usage` by treating them as 0. +Handle null/missing `aic` and `token_usage` by treating them as 0. ## Phase 2 — Persist Snapshot to Repo-Memory @@ -258,7 +262,7 @@ Summarize AI credit, token, and active-workflow changes from `rolling-summary.js ## Important Notes -- Use `// 0` (null coalescing) in jq and `.get(field, 0)` in Python for nullable numeric fields (`ai_credits`, `token_usage`). +- Use `// 0` (null coalescing) in jq and `.get(field, 0)` in Python for nullable numeric fields (`aic`, `token_usage`). - Distinguish between these two cases in the issue: - the raw `.runs` array is empty - the raw `.runs` array is non-empty but none of the runs are `status == "completed"` diff --git a/workflows/agentic-token-optimizer.lock.yml b/workflows/agentic-token-optimizer.lock.yml index f38ab8e..7c64633 100644 --- a/workflows/agentic-token-optimizer.lock.yml +++ b/workflows/agentic-token-optimizer.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"dfd770dc1d31a475135a4cd261c183f1a5298e934d37c3bbcee0963787c3b449","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6575adb2a95e4d872f1047f1b8768d20038954d7260f149d2e9b68c8ed1a0c71","compiler_version":"v0.72.1","strict":true,"agent_id":"copilot"} # gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"bc56a0cad2f450c562810785ef38649c04db812a","version":"v0.72.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41","digest":"sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.25.41@sha256:cb2b565d070116d4b67e355775340528b5a2c3cb18b2c9049638bcc2df681770"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41","digest":"sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.41@sha256:fadd0de387209f69a9a7a1b8722bb5e7fdfb80ba9749a5c60f0e4cd7582a74d0"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.41","digest":"sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe","pinned_image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.41@sha256:62171f2fa508667b8b0a9e096f826983f312e3da0ce894f80c0f83a875af60fe"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41","digest":"sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.25.41@sha256:1260445d25968dbf3ae70143964177a0e5914cf2ce07a6117f7d3caec6c3e3c4"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.6","digest":"sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.6@sha256:2bb8eef86006a4c5963c55616a9c51c32f27bfdecb023b8aa6f91f6718d9171c"},{"image":"ghcr.io/github/github-mcp-server:v1.0.3","digest":"sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959","pinned_image":"ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959"},{"image":"node:lts-alpine","digest":"sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f","pinned_image":"node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f"}]} # ___ _ _ # / _ \ | | (_) @@ -22,7 +22,7 @@ # # For more information: https://github.github.com/gh-aw/introduction/overview/ # -# Daily optimizer that identifies high-AI-credit-spend agentic workflows, audits their runs, and recommends efficiency improvements including inline sub-agent refactors when warranted +# Daily optimizer that identifies a high-AIC agentic workflow, audits its runs, and recommends efficiency improvements including inline sub-agent refactors when warranted # # Secrets used: # - COPILOT_GITHUB_TOKEN @@ -47,7 +47,7 @@ # - ghcr.io/github/github-mcp-server:v1.0.3@sha256:2ac27ef03461ef2b877031b838a7d1fd7f12b12d4ace7796d8cad91446d55959 # - node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f -name: "Agentic Workflow AI Credit Spend Optimizer" +name: "Agentic Workflow AIC Usage Optimizer" "on": schedule: - cron: "19 14 * * 1-5" @@ -65,7 +65,7 @@ permissions: {} concurrency: group: "gh-aw-${{ github.workflow }}" -run-name: "Agentic Workflow AI Credit Spend Optimizer" +run-name: "Agentic Workflow AIC Usage Optimizer" jobs: activation: @@ -90,7 +90,7 @@ jobs: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Generate agentic run info @@ -102,7 +102,7 @@ jobs: GH_AW_INFO_VERSION: "1.0.40" GH_AW_INFO_AGENT_VERSION: "1.0.40" GH_AW_INFO_CLI_VERSION: "v0.72.1" - GH_AW_INFO_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_INFO_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_INFO_EXPERIMENTAL: "false" GH_AW_INFO_SUPPORTS_TOOLS_ALLOWLIST: "true" GH_AW_INFO_STAGED: "false" @@ -184,21 +184,21 @@ jobs: run: | bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh" { - cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' + cat << 'GH_AW_PROMPT_d789fdfb9e89a466_EOF' - GH_AW_PROMPT_90fefde78ed6eadd_EOF + GH_AW_PROMPT_d789fdfb9e89a466_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' + cat << 'GH_AW_PROMPT_d789fdfb9e89a466_EOF' Tools: create_issue, missing_tool, missing_data, noop - GH_AW_PROMPT_90fefde78ed6eadd_EOF + GH_AW_PROMPT_d789fdfb9e89a466_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md" - cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' + cat << 'GH_AW_PROMPT_d789fdfb9e89a466_EOF' The following GitHub context information is available for this workflow: {{#if __GH_AW_GITHUB_ACTOR__ }} @@ -227,12 +227,12 @@ jobs: {{/if}} - GH_AW_PROMPT_90fefde78ed6eadd_EOF + GH_AW_PROMPT_d789fdfb9e89a466_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_90fefde78ed6eadd_EOF' + cat << 'GH_AW_PROMPT_d789fdfb9e89a466_EOF' {{#runtime-import agentic-token-optimizer.md}} - GH_AW_PROMPT_90fefde78ed6eadd_EOF + GH_AW_PROMPT_d789fdfb9e89a466_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 @@ -261,7 +261,7 @@ jobs: GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools' GH_AW_MEMORY_BRANCH_NAME: 'memory/token-audit' GH_AW_MEMORY_CONSTRAINTS: "\n\n**Constraints:**\n- **Allowed Files**: Only files matching patterns: *.json, *.jsonl, *.csv, *.md\n- **Max File Size**: 102400 bytes (0.10 MB) per file\n- **Max File Count**: 100 files per commit\n- **Max Patch Size**: 51200 bytes (50 KB) total per push (max: 100 KB)\n" - GH_AW_MEMORY_DESCRIPTION: ' Historical daily workflow token usage snapshots (shared with agentic-token-audit)' + GH_AW_MEMORY_DESCRIPTION: ' Historical daily workflow AIC snapshots (shared with agentic-token-audit)' GH_AW_MEMORY_DIR: '/tmp/gh-aw/repo-memory/default/' GH_AW_MEMORY_TARGET_REPO: ' of the current repository' GH_AW_WIKI_NOTE: '' @@ -358,7 +358,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Set runtime paths @@ -383,8 +383,8 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} name: Download recent agentic workflow logs run: "set -euo pipefail\nmkdir -p /tmp/gh-aw/token-audit\n\necho \"đŸ“Ĩ Downloading agentic workflow logs (last 7 days)...\"\n\nLOGS_EXIT=0\ngh aw logs \\\n --start-date -7d \\\n --json \\\n -c 50 \\\n > /tmp/gh-aw/token-audit/all-runs.json || LOGS_EXIT=$?\n\nif [ -s /tmp/gh-aw/token-audit/all-runs.json ]; then\n TOTAL=$(jq '.runs | length' /tmp/gh-aw/token-audit/all-runs.json)\n echo \"✅ Downloaded $TOTAL agentic workflow runs (last 7 days)\"\n if [ \"$LOGS_EXIT\" -ne 0 ]; then\n echo \"⚠ī¸ gh aw logs exited with code $LOGS_EXIT (partial results — likely API rate limit)\"\n fi\nelse\n echo \"❌ No log data downloaded (exit code $LOGS_EXIT)\"\n echo '{\"runs\":[],\"summary\":{}}' > /tmp/gh-aw/token-audit/all-runs.json\nfi\n" - - name: Aggregate top workflows by token usage - run: "set -euo pipefail\nmkdir -p /tmp/gh-aw/token-audit\n\njq '{\n generated_at: (now | todateiso8601),\n window_days: 7,\n top_workflows: (\n [.runs[]\n | select(.status == \"completed\")\n | {\n workflow_name: .workflow_name,\n ai_credits: (.ai_credits // 0),\n tokens: (.token_usage // 0),\n turns: (.turns // 0),\n action_minutes: (.action_minutes // 0)\n }\n ]\n | group_by(.workflow_name)\n | map({\n workflow_name: .[0].workflow_name,\n run_count: length,\n total_ai_credits: (map(.ai_credits) | add),\n avg_ai_credits: ((map(.ai_credits) | add) / length),\n total_tokens: (map(.tokens) | add),\n avg_tokens: ((map(.tokens) | add) / length),\n total_turns: (map(.turns) | add),\n total_action_minutes: (map(.action_minutes) | add)\n })\n | sort_by(.total_ai_credits)\n | reverse\n | .[:10]\n )\n}' /tmp/gh-aw/token-audit/all-runs.json > /tmp/gh-aw/token-audit/top-workflows.json\n\necho \"✅ Generated top workflow summary at /tmp/gh-aw/token-audit/top-workflows.json\"\njq '.top_workflows' /tmp/gh-aw/token-audit/top-workflows.json\n" + - name: Aggregate top workflows by AIC usage + run: "set -euo pipefail\nmkdir -p /tmp/gh-aw/token-audit\n\njq '{\n generated_at: (now | todateiso8601),\n window_days: 7,\n top_workflows: (\n [.runs[]\n | select(.status == \"completed\")\n | {\n workflow_name: .workflow_name,\n ai_credits: (.aic // 0),\n tokens: (.token_usage // 0),\n turns: (.turns // 0),\n action_minutes: (.action_minutes // 0)\n }\n ]\n | group_by(.workflow_name)\n | map({\n workflow_name: .[0].workflow_name,\n run_count: length,\n total_ai_credits: (map(.ai_credits) | add),\n avg_ai_credits: ((map(.ai_credits) | add) / length),\n total_tokens: (map(.tokens) | add),\n avg_tokens: ((map(.tokens) | add) / length),\n total_turns: (map(.turns) | add),\n total_action_minutes: (map(.action_minutes) | add)\n })\n | sort_by(.total_ai_credits)\n | reverse\n | .[:10]\n )\n}' /tmp/gh-aw/token-audit/all-runs.json > /tmp/gh-aw/token-audit/top-workflows.json\n\necho \"✅ Generated top workflow summary at /tmp/gh-aw/token-audit/top-workflows.json\"\njq '.top_workflows' /tmp/gh-aw/token-audit/top-workflows.json\n" - name: Load optimization history run: "set -euo pipefail\n\nOPT_LOG=\"/tmp/gh-aw/repo-memory/default/optimization-log.json\"\nif [ -f \"$OPT_LOG\" ]; then\n echo \"✅ Previous optimizations:\"\n jq -r '.[] | \"\\(.date): \\(.workflow_name)\"' \"$OPT_LOG\"\nelse\n echo \"ℹī¸ No previous optimization history found.\"\nfi\n" @@ -464,9 +464,9 @@ jobs: mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs" mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_ef0d3b018e7ec638_EOF' + cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_6933ed503367a1e3_EOF' {"create_issue":{"close_older_issues":true,"expires":168,"max":1,"title_prefix":"[agentic-token-optimizer] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":51200}]},"report_incomplete":{}} - GH_AW_SAFE_OUTPUTS_CONFIG_ef0d3b018e7ec638_EOF + GH_AW_SAFE_OUTPUTS_CONFIG_6933ed503367a1e3_EOF - name: Generate Safe Outputs Tools env: GH_AW_TOOLS_META_JSON: | @@ -663,7 +663,7 @@ jobs: mkdir -p /home/runner/.copilot GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_0bc1a6b5c23561cc_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_785ae819de11c730_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { "safeoutputs": { @@ -688,7 +688,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_0bc1a6b5c23561cc_EOF + GH_AW_MCP_CONFIG_785ae819de11c730_EOF - name: Mount MCP servers as CLIs id: mount-mcp-clis continue-on-error: true @@ -964,7 +964,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact @@ -987,7 +987,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_NOOP_MAX: "1" - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1005,7 +1005,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_MISSING_TOOL_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1020,7 +1020,7 @@ jobs: env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} GH_AW_REPORT_INCOMPLETE_CREATE_ISSUE: "true" - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -1035,7 +1035,7 @@ jobs: uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }} - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_TRACKER_ID: "agentic-token-optimizer" GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }} @@ -1092,7 +1092,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Checkout repository @@ -1161,7 +1161,7 @@ jobs: GH_AW_ENGINE_VERSION: "1.0.40" GH_AW_TRACKER_ID: "agentic-token-optimizer" GH_AW_WORKFLOW_ID: "agentic-token-optimizer" - GH_AW_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" outputs: code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }} code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }} @@ -1180,7 +1180,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.activation.outputs.setup-trace-id }} env: - GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AI Credit Spend Optimizer" + GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow AIC Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} GH_AW_INFO_VERSION: "1.0.40" - name: Download agent output artifact diff --git a/workflows/agentic-token-optimizer.md b/workflows/agentic-token-optimizer.md index 9055938..6117f5e 100644 --- a/workflows/agentic-token-optimizer.md +++ b/workflows/agentic-token-optimizer.md @@ -1,5 +1,5 @@ --- -description: Daily optimizer that identifies high-AI-credit-spend agentic workflows, audits their runs, and recommends efficiency improvements including inline sub-agent refactors when warranted +description: Daily optimizer that identifies a high-AIC agentic workflow, audits its runs, and recommends efficiency improvements including inline sub-agent refactors when warranted on: schedule: - cron: "daily around 14:00 on weekdays" @@ -18,7 +18,7 @@ tools: - "*" repo-memory: branch-name: "memory/token-audit" - description: "Historical daily workflow token usage snapshots (shared with agentic-token-audit)" + description: "Historical daily workflow AIC snapshots (shared with agentic-token-audit)" file-glob: ["*.json", "*.jsonl", "*.csv", "*.md"] max-file-size: 102400 max-patch-size: 51200 @@ -58,7 +58,7 @@ steps: echo '{"runs":[],"summary":{}}' > /tmp/gh-aw/token-audit/all-runs.json fi - - name: Aggregate top workflows by token usage + - name: Aggregate top workflows by AIC usage run: | set -euo pipefail mkdir -p /tmp/gh-aw/token-audit @@ -71,7 +71,7 @@ steps: | select(.status == "completed") | { workflow_name: .workflow_name, - ai_credits: (.ai_credits // 0), + ai_credits: (.aic // 0), tokens: (.token_usage // 0), turns: (.turns // 0), action_minutes: (.action_minutes // 0) @@ -110,14 +110,14 @@ steps: fi --- -# Agentic Workflow AI Credit Spend Optimizer +# Agentic Workflow AIC Usage Optimizer -You are the Agentic Workflow Optimizer. Pick one high-AI-credit-spend workflow, audit recent runs, and create a conservative optimization issue with measurable improvements. Your recommendations may include prompt, tool, reliability, setup-prefix, and inline sub-agent improvements when the evidence supports them. +You are the Agentic Workflow Optimizer. Pick one high-AIC workflow, audit recent runs, and create a conservative optimization issue with measurable improvements. Your recommendations may include prompt, tool, reliability, setup-prefix, and inline sub-agent improvements when the evidence supports them. ## Objectives 1. Select one workflow using repo-memory and pre-aggregated data. -2. Analyze tokens, turns, errors, tool usage patterns, and prompt structure across multiple runs. +2. Analyze AIC, tokens, turns, errors, tool usage patterns, and prompt structure across multiple runs. 3. Propose safe, high-impact optimizations with evidence, including inline sub-agent refactors only when they are a clear fit. 4. Publish one issue and update optimization history. @@ -151,11 +151,11 @@ Prefer `--jq` on `gh api` calls over a separate `| jq` step when the filter is s ## Data Inputs - `/tmp/gh-aw/token-audit/all-runs.json`: full 7-day run data (`gh aw logs --json`). -- `/tmp/gh-aw/token-audit/top-workflows.json`: pre-aggregated top 10 workflows by total AI credits. +- `/tmp/gh-aw/token-audit/top-workflows.json`: pre-aggregated top 10 workflows by total AIC. - `/tmp/gh-aw/repo-memory/default/YYYY-MM-DD.json`: daily audit snapshots. - `/tmp/gh-aw/repo-memory/default/optimization-log.json`: prior optimizations (if present). -Treat missing numeric fields (`ai_credits`, `token_usage`, `turns`, `action_minutes`) as `0`. +Treat missing numeric fields (`aic`, `token_usage`, `turns`, `action_minutes`) as `0`. ## Phase 1 — Select Target @@ -168,7 +168,7 @@ Treat missing numeric fields (`ai_credits`, `token_usage`, `turns`, `action_minu Then collect run-level data for the selected workflow: - run count -- total and average AI credits +- total and average AIC - total and average tokens - total and average turns - conclusions/error patterns @@ -180,8 +180,8 @@ Use this compact analysis matrix: | Area | Required checks | Output | |---|---|---| | Tool usage | Compare configured tools from workflow source vs observed usage across multiple runs | Keep / Consider removing / Remove | -| AI credit spend | Evaluate AI credits, token totals, cache efficiency, turns | Top spend drivers | -| Reliability | Repeated errors, warnings, retries, missing tools | AI credit waste from failures | +| AI credit spend | Evaluate AIC, token totals, cache efficiency, turns | Top spend drivers | +| Reliability | Repeated errors, warnings, retries, missing tools | AIC waste from failures | | Prompt efficiency | Redundant instructions, overlong sections, avoidable iteration | Prompt reduction opportunities | | Structural optimization | Repeated setup/tool-call prefixes and sections suited for inline sub-agents | Extract setup / Add sub-agent / Keep in main agent | @@ -283,10 +283,10 @@ Create one issue with: - **Target workflow + reason selected** - **Analysis period + runs analyzed** -- **Spend profile table** (total AI credits, avg AI credits/run, total tokens, avg turns/run, cache efficiency) +- **Spend profile table** (total AIC, avg AIC/run, total tokens, avg turns/run, cache efficiency) - **Ranked recommendations** with: - title - - estimated AI credit savings per run + - estimated AIC savings per run - concrete action - evidence from observed runs - **Optional structural optimizations** for shared setup prefixes and inline sub-agents when supported by the analysis @@ -304,7 +304,7 @@ Create one issue with: Append one entry to `/tmp/gh-aw/repo-memory/default/optimization-log.json`: -`{"date":"YYYY-MM-DD","workflow_name":"...","total_ai_credits_analyzed":F,"total_tokens_analyzed":N,"runs_audited":N,"recommendations_count":N,"subagent_candidates":N,"estimated_ai_credit_savings_per_run":F}` +`{"date":"YYYY-MM-DD","workflow_name":"...","total_ai_credits_analyzed":F,"total_tokens_analyzed":N,"runs_audited":N,"recommendations_count":N,"subagent_candidates":N,"estimated_aic_savings_per_run":F}` Use `subagent_candidates` for the count of inline sub-agent candidates you actually recommend in the issue body. From 96e19d4c83043c074c9c65c6e7c5acfda3375829 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 9 Jun 2026 08:12:05 +0000 Subject: [PATCH 4/4] docs: add changelog entry for workflow alignment release Co-authored-by: mnkiefer <8320933+mnkiefer@users.noreply.github.com> --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 51d3ccf..b7df2b1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,13 @@ Changelog entries should describe what changed for users of these workflows, not - Omit vague filler like "various fixes" when the actual effect can be named. - Do not include contributor handles, reviewer names, or other attribution in release entries. +## [0.3.1] - 2026-06-09 + +### Fixed + +- Kept the published audit and optimizer workflows compatible with the current upstream `gh-aw` AIC/runtime log schema updates without changing the existing snapshot and summary fields that downstream reporting depends on. +- Restored the audit workflow's explicit Python network allowlist so chart dependency installation remains supported in the packaged workflow. + ## [0.3.0] - 2026-06-08 ### Changed