You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
gh-aw build b141a48 (built from working tree). Discovered gh-aw-using public repos, ranked by stars, and compiled the top 20 one-by-one.
Key metrics
Metric
Value
Repos selected (by stars)
20
Cloned successfully
20 / 20
Compile clean (own settings)
18 / 20
Genuine failures
2 (1 workflow each)
Cross-repo codemod/coverage gaps
2
Genuine failures (plain compile, respecting each repo's own strict: setting)
githubnext/gh-aw-test — test-copilot-restore-memory-custom-job.md: 'restore-memory': got object, want boolean. The workflow configures restore-memory as an object; the schema now expects a boolean. Likely a deliberate test fixture, but it is a real type error. No codemod covers this.
ms-mfg-community/day-in-the-life-copilot-lab — code-review.md: Unknown property: add-pr-comment. Did you mean 'add-comment'?. Pure user typo — add-pr-comment was never a valid safe-output key. The compiler already emits a did-you-mean suggestion.
Methodology caveat (important)
The baseline pass used compile --strict, which overrides each workflow's own strict: false opt-out. That produced 3 false-positive repo failures — github/gh-aw-mcpg, github/gh-aw-firewall, elastic/ai-github-actions — all of which compile with 0 errors under their intended settings. These repos intentionally use internal/opt-out fields (sandbox.mcp.container, sandbox.agent: false, secrets-in-steps) in strict: false smoke tests. Future runs should treat --strict as a secondary advisory signal, not the pass/fail gate.
Cross-repo codemod / coverage gaps (see companion issue)
Playwright MCP→CLI mode deprecated in 4 repos (elastic, gh-aw-mcpg, gh-aw-firewall, pelikhan); no migrating codemod exists — warning says it "may become an error in a future release".
safe-inputs in imported/shared fragments silently dropped in 3 repos (elastic 16 files, gh-aw-firewall 3, gh-aw-mcpg 3). The safe-inputs-to-mcp-scripts codemod exists but gh aw fix doesn't descend into imports: fragment files, and compile ignores the field without failing.
Top-20 selection (stars) and per-repo status
Repo
Stars
Plain compile
Errors
Warnings
github/gh-aw
4760
ok
0
183
githubnext/agentics
830
ok
0
0
github/gh-aw-mcpg
146
ok
0
9
github/gh-aw-firewall
109
ok
0
13
github/gh-aw-actions
37
ok
0
0
shyamagu-ms/ai-scrum
24
ok
0
0
felipementel/GitHubCopilotDevDays-Curitiba-2026
14
ok
0
0
githubnext/agentic-ops
14
ok
0
1
Hack23/euparliamentmonitor
12
ok
0
0
elastic/ai-github-actions
10
ok
0
28
haxudev/GCR-AI-Tour-2026
10
ok
0
0
verkyyi/github-agent-runner
10
ok
0
3
Hack23/riksdagsmonitor
8
ok
0
14
github/gh-aw-threat-detection
8
ok
0
0
githubnext/agentics-template
8
ok
0
0
githubnext/gh-aw-test
8
FAIL
1
19
IgniteUI/igniteui-documentation
6
ok
0
0
ms-mfg-community/day-in-the-life-copilot-lab
6
FAIL
1
0
pelikhan/github-agentic-workflows
6
ok
0
4
samuelkahessay/prd-to-prod
5
ok
0
3
Recurring non-fatal warnings across repos
Playwright MCP mode deprecated — 4 repos
safe-inputs ignored (unexpected frontmatter in fragments) — 3 repos
Fixed daily/weekly schedule time (suggest fuzzy schedule) — 3 repos
Secrets in steps/env may leak to agent — 4 repos (advisory)
Non-centralized slash_command routing — 2 repos
Auto-derived path: ("may become an error") — 2 repos
Next actions
File the two codemod-gap items (companion issue).
The 2 genuine failures are single-workflow and repo-local; no ≥2-repo user-syntax cluster this run.
Discovery limitation
Broad gh search code is unavailable under the repo-scoped Actions integration token (Resource not accessible by integration), so cross-GitHub lock-file code search returns only this repo. Discovery used gh search repos (7 query angles) + contents-API verification of .github/workflows/*.lock.yml. Candidate breadth is therefore narrower than the 60+ target; a PAT with read:org/code-search scope would restore full discovery.
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
models.dev
To allow these domains, add them to the network.allowed list in your workflow frontmatter:
Daily gh-aw cross-repo compatibility audit
gh-aw build b141a48 (built from working tree). Discovered gh-aw-using public repos, ranked by stars, and compiled the top 20 one-by-one.
Key metrics
Genuine failures (plain
compile, respecting each repo's ownstrict:setting)test-copilot-restore-memory-custom-job.md:'restore-memory': got object, want boolean. The workflow configuresrestore-memoryas an object; the schema now expects a boolean. Likely a deliberate test fixture, but it is a real type error. No codemod covers this.code-review.md:Unknown property: add-pr-comment. Did you mean 'add-comment'?. Pure user typo —add-pr-commentwas never a valid safe-output key. The compiler already emits a did-you-mean suggestion.Methodology caveat (important)
The baseline pass used
compile --strict, which overrides each workflow's ownstrict: falseopt-out. That produced 3 false-positive repo failures —github/gh-aw-mcpg,github/gh-aw-firewall,elastic/ai-github-actions— all of which compile with 0 errors under their intended settings. These repos intentionally use internal/opt-out fields (sandbox.mcp.container,sandbox.agent: false, secrets-in-steps) instrict: falsesmoke tests. Future runs should treat--strictas a secondary advisory signal, not the pass/fail gate.Cross-repo codemod / coverage gaps (see companion issue)
safe-inputsin imported/sharedfragments silently dropped in 3 repos (elastic 16 files, gh-aw-firewall 3, gh-aw-mcpg 3). Thesafe-inputs-to-mcp-scriptscodemod exists butgh aw fixdoesn't descend intoimports:fragment files, andcompileignores the field without failing.Top-20 selection (stars) and per-repo status
Recurring non-fatal warnings across repos
safe-inputsignored (unexpected frontmatter in fragments) — 3 repossteps/envmay leak to agent — 4 repos (advisory)slash_commandrouting — 2 repospath:("may become an error") — 2 reposNext actions
Discovery limitation
Broad
gh search codeis unavailable under the repo-scoped Actions integration token (Resource not accessible by integration), so cross-GitHub lock-file code search returns only this repo. Discovery usedgh search repos(7 query angles) + contents-API verification of.github/workflows/*.lock.yml. Candidate breadth is therefore narrower than the 60+ target; a PAT withread:org/code-search scope would restore full discovery.Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
models.devSee Network Configuration for more information.