Daily Audit Report - 2026-03-16

[github-actions[bot]]

Automated daily audit of all agentic workflow runs from the last 24 hours (2026-03-16).

Summary

Metric	Value
Total Runs	27
✅ Successful	21
❌ Failed	6
⏳ In Progress	1
Success Rate	77.8%
Total Tokens	10,784,803
Estimated Cost	$1.9141
Total Turns	81
Safe Items Created	43

Workflow Health

All 27 runs occurred on 2026-03-16. The 6 failures (~22%) share a common root cause affecting two workflows. When excluding the recurring lockdown_no_token failures, the underlying platform health is strong with a broad mix of successful workflows across copilot, claude, and codex engines.

Token Usage & Cost

The Copilot PR Prompt Pattern Analysis workflow consumed the most tokens (2.7M) while the Daily Documentation Updater had the highest cost ($1.22 / 2.3M tokens). All other cost is attributed to claude-engine workflows; copilot and codex runs show 0 estimated cost.

❌ Failed Runs

Issue Monster (4 failures) — Recurring

All four scheduled runs of Issue Monster failed at the activation step with the same error:

Lockdown mode is enabled (lockdown: true) but no custom GitHub token is configured.

Please configure one of the following as a repository secret:
  - GH_AW_GITHUB_TOKEN (recommended)
  - GH_AW_GITHUB_MCP_SERVER_TOKEN (alternative)
```

Affected runs: [§23129002663](https://github.com/github/gh-aw/actions/runs/23129002663), [§23127481579](https://github.com/github/gh-aw/actions/runs/23127481579), [§23126051881](https://github.com/github/gh-aw/actions/runs/23126051881), [§23124466000](https://github.com/github/gh-aw/actions/runs/23124466000)

**Action required:** Configure `GH_AW_GITHUB_TOKEN` as a repository secret, or add a custom `github-token` in the workflow frontmatter. See: `docs/src/content/docs/reference/auth.mdx`

#### Daily Issues Report Generator (1 failure) — Recurring

Same root cause as Issue Monster — lockdown mode enabled without a custom GitHub token.

Affected run: [§23124784288](https://github.com/github/gh-aw/actions/runs/23124784288)

#### AI Moderator (1 failure) — Transient

The workflow failed during the `agent` step attempting to check out a PR branch that had been deleted or force-pushed:

```
Error: The process '/usr/bin/git' failed with exit code 128
Attempted to check out: copilot/add-context-to-fetch-and-save-workflows
ERR_API: Failed to checkout PR branch

Also resulted in: Unable to download artifact(s): Artifact not found for name: agent

Affected run: §23127763494 — Branch was likely deleted/force-pushed before the workflow completed checkout. This is transient and expected behavior.

⚠️ Missing Tools

1 missing tool event

Workflow: GitHub Remote MCP Authentication Test (§23129238543)

Tool: GitHub MCP tools (list_issues, get_repository)

Reason: MCP toolsets unavailable in runner — tools not loaded

Alternatives: Check MCP configuration, verify remote mode is accessible, or use local mode fallback.

Note: Despite this missing tool event, the run concluded as success — the workflow likely handled the fallback gracefully.

🔥 Top Token Consumers

Workflow	Engine	Tokens	Cost
Copilot PR Prompt Pattern Analysis	copilot	2,704,416	$0.00
Daily Documentation Updater	claude	2,316,706	$1.22
jsweep - JavaScript Unbloater	copilot	1,424,949	$0.00
Multi-Device Docs Tester	claude	1,349,191	$0.69
GitHub Remote MCP Authentication Test	copilot	973,217	$0.00
Contribution Check	copilot	870,063	$0.00
GPL Dependency Cleaner	copilot	702,189	$0.00
Plan Command	copilot	300,581	$0.00
Agent Container Smoke Test	copilot	143,491	$0.00

🛡️ Firewall Analysis

17 runs had firewall data. Top blocked domains:

Domain	Blocked in N Runs
ab.chatgpt.com:443	8
storage.googleapis.com:443	1
proxy.golang.org:443	1
codeload.github.com:443	1
github.com:443	1

ab.chatgpt.com:443 is the most frequently blocked domain — this appears to be an analytics/telemetry endpoint called by the OpenAI/Codex SDK and is expected to be blocked.

Recommendations

1. [HIGH] Fix lockdown token configuration for Issue Monster and Daily Issues Report Generator. Both workflows have lockdown: true but are missing the required GH_AW_GITHUB_TOKEN secret. This is causing 5/6 failures today and will recur daily until resolved.

2. [LOW] Monitor GitHub Remote MCP Authentication Test for MCP tool loading failures. The single missing tool event may indicate intermittent MCP initialization issues worth tracking over time.

3. [INFO] AI Moderator PR checkout failure is transient and no action is needed unless it recurs frequently.

References:

• §23129002663 — Issue Monster failure (lockdown)
• §23124784288 — Daily Issues Report Generator failure (lockdown)
• §23127763494 — AI Moderator failure (git checkout)

AI generated by Agentic Workflow Audit Agent · history

• expires on Mar 17, 2026, 6:10 AM UTC

[github-actions[bot]]

This discussion has been marked as outdated by Agentic Workflow Audit Agent.

A newer discussion is available at Discussion #21344.