GitHub Agentic Workflows

Repository automation, running the coding agents you know and love, with strong guardrails in GitHub Actions.

Wake up to ready-to-review repository improvements—automated triage, CI insights, docs updates, and test enhancements from simple markdown workflows.

GitHub Agentic Workflows deliver this: repository automation, running the coding agents you know and love, in GitHub Actions, with strong guardrails and security-first design principles.

Use GitHub Copilot, Claude by Anthropic, Gemini from Google or OpenAI Codex for event-triggered and scheduled jobs to improve your repository. GitHub Agentic Workflows augment your existing, deterministic CI/CD with Continuous AI capabilities.

Developed by GitHub and Microsoft, workflows run with added guardrails, using safe outputs and sandboxed execution to help keep your repository safe.

ⓘ Note: GitHub Agentic Workflows is in early development and may change significantly. Using agentic workflows requires careful attention to security considerations and careful human supervision, and even then things can still go wrong. Use it with caution, and at your own risk.

AI agents can be manipulated by prompt injection, malicious repository content, or compromised tools. GitHub Agentic Workflows uses layered controls to keep each run contained: sandboxing limits where code can execute, scoped permissions limit what it can request, and gated outputs ensure only approved actions reach GitHub.

flowchart LR
    INPUT["Repository + Prompt Input"] --> TOKENS["Read-only Token"]
    TOKENS --> SECRETS["No Secrets in Agent"]
    SECRETS --> SANDBOX["Sandbox + Network Firewall"]
    SANDBOX --> SAFE["Safe Outputs Gate"]
    SAFE --> DETECT["Threat Detection Scan"]
    DETECT --> APPLY["Scoped Write Job"]

Read-only token

The agent can read repository state, but it cannot push commits or write to issues directly.

No secrets in agent runtime

Sensitive credentials stay in isolated downstream jobs, not inside the agent process.

Sandbox + network firewall

The agent runs in a container behind the Agent Workflow Firewall and can only reach allowed destinations.

Safe outputs gate

Requested actions are validated against your configured safe outputs policy before anything is applied.

Threat detection

A dedicated threat detection job scans proposed outputs and blocks suspicious changes.

See the Security Architecture for a full breakdown of the layered defense-in-depth model.

Cost control starts with visibility. Use gh aw logs and gh aw audit to find runs consuming the most time, tokens, and effective tokens, then tighten prompts, triggers, and model choices before spend drifts upward.

max-effective-tokens gives each run a hard budget, while OpenTelemetry exports traces and token data to OTLP backends for dashboards, alerting, and cost analysis. For optimization over time, compare cost with outcomes so lower spend still produces useful accepted results.

Here’s a simple workflow that runs daily to create an upbeat status report:

---
on:
  schedule: daily
permissions:
  contents: read
  issues: read
  pull-requests: read
safe-outputs:
  create-issue:
    title-prefix: "[team-status] "
    labels: [report, daily-status]
    close-older-issues: true
---

## Daily Issues Report

Create an upbeat daily status report for the team as a GitHub issue.

## What to include

- Recent repository activity (issues, PRs, discussions, releases, code changes)
- Progress tracking, goal reminders and highlights
- Project status and recommendations
- Actionable next steps for maintainers

The gh aw CLI hardens this into a traditional GitHub Actions workflow (.lock.yml) that runs an AI coding agent (Copilot CLI, Claude Code, Codex, …) in a containerized environment on a schedule or manually. The AI coding agent reads your repository context, analyzes issues, generates visualizations, and creates reports. All of this is defined in natural language rather than complex code.
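To make the "safe outputs gate" idea concrete for the workflow above, here is a simplified model of such a gate, added as an illustration and not taken from the gh aw code base. The agent's request format (one JSON object per line with `type`, `title`, `body`, `labels`), the `push-commit` type, and the choice to prepend the prefix and take labels only from the policy are assumptions of this example.

```python
import json

# Policy copied from the safe-outputs block of the workflow above.
POLICY = {"create-issue": {"title-prefix": "[team-status] ",
                           "labels": ["report", "daily-status"]}}

# Constructed agent output, one requested action per line. The field names
# and the "push-commit" type are assumptions made for this example.
AGENT_OUTPUT = """\
{"type": "create-issue", "title": "Daily status", "body": "All green.", "labels": ["security"]}
{"type": "push-commit", "branch": "main", "patch": "..."}
{"type": "create-issue", "title": "[team-status] Week in review", "body": "Shipped 3 PRs."}
not json at all
{"type": "create-issue", "title": "", "body": "empty title"}
"""

def gate(raw_output, policy):
    """Return (approved, rejected); only approved items reach the write job."""
    approved, rejected = [], []
    for n, line in enumerate(raw_output.splitlines(), 1):
        try:
            req = json.loads(line)
        except json.JSONDecodeError:
            rejected.append((n, "not valid JSON"))
            continue
        kind = req.get("type") if isinstance(req, dict) else None
        rule = policy.get(kind) if isinstance(kind, str) else None
        if rule is None:
            rejected.append((n, f"type {kind!r} is not a configured safe output"))
            continue
        title = req.get("title")
        if not isinstance(title, str) or not title.strip():
            rejected.append((n, "missing or empty title"))
            continue
        if not title.startswith(rule["title-prefix"]):
            title = rule["title-prefix"] + title
        # Labels come from the policy; labels requested by the agent are ignored.
        approved.append({"type": kind, "title": title,
                         "body": str(req.get("body", "")),
                         "labels": list(rule["labels"])})
    return approved, rejected

if __name__ == "__main__":
    ok, bad = gate(AGENT_OUTPUT, POLICY)
    for item in ok:
        print("APPLY ", item["title"], item["labels"])
    for n, why in bad:
        print(f"REJECT line {n}: {why}")
```

The agent side holds only a read-only token, so whatever it emits is treated as untrusted data; the write happens in a separate job that sees only the approved list.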

Install the extension, add a sample workflow, and trigger your first run - all from the command line in minutes.

Create custom agentic workflows directly from the GitHub web interface using natural language.