Blog

Agent of the Day – May 15, 2026

May 15, 2026

Every open-source repo has the same invisible tax: someone has to watch the door. Label the PR. Check if the commenter is a member or an outsider. Hide the policy violation before it spreads. Flag the ambiguous case for a human. It’s repetitive, important, and easy to miss at 2 AM when CI is green and you’re trying to ship.

That’s the gap the AI Moderator workflow fills — automatically, on every event, before a human even opens their notifications.

Agent of the Day: AI Moderator

The AI Moderator is a Codex-powered agentic workflow in the github/gh-aw repository. It fires on pull requests, new issues, and comments — running a structured investigation each time to determine who’s knocking, what they brought, and what action to take. Label it. Hide it. Escalate it. Or stand down.

It’s not a simple rule-based bot. It reasons.

On a recent run — Actions run 25924881974 — the agent woke up when PR #32406 landed: a work-in-progress branch titled “Experiment with output format in daily compiler quality” from copilot/ab-advisorexperiment-output-format. Sixteen turns later, it had done its job.

What it actually did

The agent didn’t guess. It looked things up.

It started by orienting itself — calling github___get_me to confirm its own identity, then github-search_repositories to verify the repo context it was operating in. From there it fanned out: github-list_branches, github-list_tags, github-list_releases, github-get_teams, github-get_team_members. It was building a picture of who belongs here and what the repo looks like right now.

Then it turned to the PR itself. It pulled the PR details with github___pull_request_read, searched related issues with github___search_issues and github___search_pull_requests, reviewed the commit history via github___list_commits, and read any linked issue context through github-issue_read. That’s a broad sweep — the kind a human reviewer would do informally, but inconsistently. The agent did it every time, in the same order, with a logged record of each step.

The conclusion: action_required. The agent applied labels through safeoutputs-add_labels, hid at least one comment using safeoutputs___hide_comment, and raised a flag with safeoutputs-report_incomplete to signal that follow-up was needed. Where checks passed cleanly, it called safeoutputs-noop — explicit confirmation that nothing warranted action, not just silence.

Sixteen turns, and that’s notable

The audit system tracks behavioral baselines. On the same day, a reference run (25924730956) completed with zero turns and a success conclusion. This run took 16. The delta was flagged automatically as a turns_increase requiring review.

That flag matters. It means the system caught a meaningful deviation in how the agent behaved — not a failure, but a signal worth inspecting. Did the PR have unusual characteristics? Was the team membership lookup more complex than usual? The audit trail is there. The observation is already logged.

This is what makes agentic workflows different from scripts: the behavior changes with the input, and the monitoring has to account for that.

Why it’s worth watching

Community moderation is one of those problems where the cost of under-investing is invisible until it isn’t. A missed label means a misrouted PR. A comment that should have been hidden lingers. An external contributor gets treated the same as a maintainer when they shouldn’t.

The AI Moderator closes that gap without requiring a human to be on-call for it. It checks team membership — not just assumed from a username, but verified against github-get_team_members. It applies structured outputs through the safeoutputs interface, which means every action is auditable. And when it can’t confidently resolve a case, it says so explicitly via report_incomplete, rather than silently doing nothing.

Fast, too. This run completed in seconds.

Try it

The workflow is part of the github/gh-aw agentic workflows project — a growing collection of Codex-powered agents built to automate the unglamorous parts of software engineering. If your team maintains a repository and you’re tired of playing gatekeeper manually, this is a good place to start.

Head to github.com/github/gh-aw to see the workflows, read the specs, and explore what’s already running in production.

Agent of the Day is a recurring look at agentic workflows built and run inside the GitHub engineering org.

Weekly Update – May 11, 2026

May 11, 2026

Copilot

It was a busy week in github/gh-aw! Four releases landed between May 4 and May 7, paired with a wave of pull requests that delivered new commands, security hardening, and developer-experience polish. Here’s everything that shipped.

Releases This Week

v0.72.1 — May 7

The headline feature is a new gh aw lint command that runs actionlint directly against your existing .lock.yml files — no recompile required. It’s a lightweight CI gate you can drop into any pipeline to catch syntax errors early. Pass --shellcheck or --pyflakes for deeper script analysis, or point it at specific files with --dir.

Other highlights:

Shared workflow engine.mcp.tool-timeout inheritance (#30634): Shared workflows that wrap slow MCP servers can now declare timeout values once and have consumers inherit them automatically — no more duplicating engine.mcp.tool-timeout in every downstream workflow.
First-party coding-agent skill (#27259): Copilot, Claude, and other coding agents now get structured guidance on creating, debugging, and updating agentic workflows via a router skill shipped with gh aw.
&& preserved in compiled expressions (#30695): A sneaky Go HTML-escaping bug was silently turning && into \u0026\u0026 inside .lock.yml files, corrupting ${{ ... && ... }} expressions. Fixed.

v0.72.0 — May 6

Inline sub-agents are now default-on — the features.inline-agents: true flag is deprecated. Run gh aw fix --write to auto-remove it from existing workflows via the new features-inline-agents-removal codemod.

This release also fixed a community-reported push_to_pull_request_branch rerun failure: when an agent reran and its patch reintroduced a file already on the branch, git am --3way produced an unresolvable add/add conflict. The fix detects add/add-only conflicts and resolves them by taking the patch side automatically.

v0.71.6 and v0.71.5 — May 5–6

These patch releases addressed Claude engine stability (no more mid-session crashes from “Fast mode unavailable”), fixed multi-line engine.env block-scalar values that compiled to broken YAML, added gateway RPC message rendering in step summaries, and switched inline sub-agent blocks to the small model alias by default to reduce cost and latency.

Notable Pull Requests

Beyond the releases, several PRs merged this week are worth highlighting:

gh aw forecast command (experimental) — A new command for projecting workflow effective token usage before you run it. Useful for budgeting and capacity planning.
Grant Claude default /tmp read/write in sandboxed workflows — Claude-engine workflows can now read and write to /tmp by default in sandboxed environments, eliminating a common pain point when agents need temporary scratch space.
Rename rate-limit → user-rate-limit and max-runs → max-runs-per-window — Clearer naming for rate-limiting configuration fields.
OTel gen_ai.response.finish_reasons — Agent spans now emit finish reasons (e.g., stop, length, tool_calls) as an OpenTelemetry attribute, improving observability dashboards.
Synthetic OTel exception events for silent failures — When a workflow fails but the agent produces no readable output, a synthetic exception event is now emitted so traces still surface the failure.

Agent of the Week: auto-triage-issues

The unsung inbox manager of the repository — reads every new issue the moment it’s opened and figures out where it belongs.

This week auto-triage-issues ran three times in quick succession (May 9–10), successfully triaging two issues and stumbling on a third that triggered a failure — a small battle scar it wore with dignity. In its successful runs it stayed impressively lean: nine API requests, ~270 K input tokens pulled from cache, and a turnaround of under 40 seconds per issue. It never wastes a compute cycle it doesn’t have to.

The run summary noted with mild concern that auto-triage-issues is so reliable and narrow in its tool usage that it might be “overkill for agentic” — meaning deterministic automation could theoretically do its job. The workflow appears to have taken this note personally and immediately triaged the next issue without comment.

Usage tip: Pair auto-triage-issues with a notify or discussion workflow on high-priority labels so the right people are paged the moment a critical bug or security issue lands.

→ View the workflow on GitHub

Try It Out

Update to v0.72.1 today — gh extension upgrade gh-aw — and try the new gh aw lint and experimental gh aw forecast commands. As always, feedback and contributions are welcome in github/gh-aw.

Weekly Update – May 4, 2026

May 4, 2026

Copilot

Happy May the Fourth! Here’s a look at what shipped in github/gh-aw this week — a busy one packed with experiment infrastructure, compiler fixes, and engine improvements.

Release: v0.71.3

v0.71.3 landed on April 30th, capping off a week of rapid iteration. This release delivers major improvements to safe-outputs reusability, more resilient Copilot driver behavior, and solid self-hosted runner support.

What’s New

Parameterized safe-outputs for reusable workflows (#29171): workflow_call inputs can now control safe-outputs.threat-detection, boolean flags, PR policy fields, and list constraints. Build reusable workflows that callers can configure without forking.
Configurable MCP gateway session timeout: Set engine.mcp.session-timeout in your workflow frontmatter to keep long-running MCP sessions alive. No more premature timeouts on deep analysis workflows.
Auto-inject create_issue safe output: Workflows without explicit safe-output configuration now automatically get a create_issue safe output, slashing boilerplate for common workflows.
Repo Mind Light shared workflow: A shared repo-mind-light.md workflow is now available for reuse across daily issue/PR agentic workflows (#29063).
Team reviewers on add_reviewer: The add_reviewer MCP tool now supports setting team_reviewers on pull requests (#29228).
Self-hosted runner support for non-default home directories: Workflows now work correctly on self-hosted runners where the service account home is not /home/runner (#27260).

Notable Pull Requests

Several impactful PRs landed this week beyond the release:

Compiler detects single-quoted bash commands that crash Copilot CLI: The compiler now catches and sanitizes single-quoted bash tool commands before they reach the Copilot CLI, preventing cryptic runtime crashes. A small fix with a big quality-of-life impact.
Default Codex harness with retry logic: The Codex engine now ships a default codex_harness.cjs with built-in retry logic, making Codex-powered workflows more resilient out of the box.
A/B experiments framework: A hidden experiments CLI command lets you read experiment state from storage repo branches, enabling controlled A/B testing of workflow behavior across runs.
Statistical analysis for experiments: The experiments analyze command now computes statistical significance, so you can tell whether a prompt change actually improved things — or just got lucky.
Multiple OTLP endpoints: The endpoint field in OTLP configuration is now polymorphic — send telemetry to multiple backends simultaneously.
Fix: round-robin random start on cache miss: Round-robin workflows now randomly select their starting item when the cache is cold, preventing all instances from piling onto the first item at startup.

Agent of the Week: ab-testing-advisor

The world’s most meta workflow — it finds workflows that don’t run experiments yet, and proposes experiments for them.

This week ab-testing-advisor ran three times, each time scanning the entire workflow catalog for experiment-free candidates, picking one, and writing a detailed GitHub issue with a full A/B experiment campaign. On May 2nd alone it created two issues: one proposing a prompt_style A/B test for the daily-news workflow (which it diagnosed as “highly prescriptive” and worth loosening up), and another (#29661) calling for improvements to the experiment infrastructure itself — the advisor advising on how to improve the advisor. Very on-brand.

It spent roughly 500k tokens per run carefully reading workflow files, thinking through experiment dimensions, and writing crisp implementation specs. For a workflow that runs daily and quietly, it’s doing serious intellectual heavy lifting behind the scenes.

Usage tip: Use ab-testing-advisor as inspiration for your own repos — it’s a great example of a meta-workflow that uses AI to drive continuous improvement of other AI workflows.

→ View the workflow on GitHub

Try It Out

Update to v0.71.3 today to get parameterized safe-outputs, the new experiment infrastructure, and all the reliability fixes. As always, feedback and contributions are welcome in github/gh-aw.

Weekly Update – April 27, 2026

Apr 27, 2026

Copilot

Another productive week in github/gh-aw! Two releases dropped — v0.71.0 and v0.71.1 — bringing reliability fixes across the board, from threat-detection improvements to the Claude engine to a loop that was quietly consuming millions of tokens. Here’s what shipped.

Release: v0.71.1

Released April 24th, this patch release is all about correctness:

protected-files object form now compiles correctly (#28341): Workflows using the documented {policy, exclude} object syntax were being rejected at compile time. That’s fixed — the schema now accepts both the string shorthand and the full object form.
Pre-agent skills no longer overwritten on pull_request triggers (#28290): Skills installed by pre-agent-steps were silently clobbered because the “Restore agent config folders” step ran after them. Step ordering is now correct.
Incremental diff for push_to_pull_request_branch patch size (#28198): The max patch size check now measures only the incremental change since the last push, not the full diff from the default branch. No more spurious size-limit rejections on long-running branches.
jsweep infinite loop fixed (#28353): A workflow was calling create_pull_request in a loop, racking up 4.64M tokens per run. It now exits after creating a PR.

Release: v0.71.0

Released April 23rd, focused on runtime reliability and new capabilities:

Node.js setup added to threat-detection jobs (#28160): The node: command not found error in Copilot threat-detection workflows is gone — Node.js setup is now emitted before copilot_driver.cjs.
OTLP tracing for cancelled runs (#28172): Manually cancelled runs now emit a proper OpenTelemetry span, so you get full duration visibility even when a run is cut short.
Claude engine: bypassPermissions → acceptEdits (#28047): Migrates away from the deprecated flag and fixes missing MCP server entries in --allowed-tools, keeping Claude-powered workflows fully functional.

Notable Merged PRs

Beyond the releases, this week also saw some useful quality-of-life improvements merged directly to main:

Add gh aw run guidance and CLI commands reference: Better docs for running workflows locally — a common source of confusion.
Accessibility fix: skip link anchor: Renamed #_top → #main-content to meet WCAG 2.4.1 requirements.
Fix daily-cache-strategy-analyzer false alarm: The workflow was raising spurious alerts at startup when the cache was simply empty. Now it checks properly before sounding the alarm.

Agent of the Week: auto-triage-issues

The tireless sentinel of the issue tracker — reads every open issue and classifies it so the right people see it.

This week, auto-triage-issues ran three times in a single day (April 27th alone), faithfully scanning for untriaged issues each time on a scheduled basis. Across its runs, it averaged just 4–6 turns per execution, keeping things lean while still making 6 GitHub API calls per run. The workflow even improved its own efficiency mid-day — dropping from 6 turns in the morning run down to 4 turns by afternoon, apparently learning to get to the point faster. The observability metrics politely noted it might be “partially reducible to deterministic automation,” but honestly, where’s the fun in that?

One of its runs earned an honorable mention from the agentic assessment system: “This Triage run looks stable enough that deterministic automation may be a simpler fit.” The workflow responded by running again an hour later, exactly the same as before. Iconic.

Usage tip: Pair auto-triage-issues with a label-based notification workflow so the right team members get pinged the moment a new issue is categorized.

→ View the workflow on GitHub

Try It Out

Update to v0.71.1 today and check out all the fixes. Feedback and contributions are always welcome over at github/gh-aw.

Weekly Update – April 20, 2026

Apr 20, 2026

Copilot

What a week for github/gh-aw! Five releases dropped between April 13 and April 17, delivering a new AI engine, key security improvements, and a wave of reliability fixes. Here’s what you need to know.

Release Highlights

v0.68.7 — April 17

A targeted fix-and-polish release with one standout new addition:

on.roles single-string support (#26789): You can now write roles: write instead of roles: [write]. Previously this produced a confusing compiler error — now it just works.
Codex chroot fix (#26787): Codex workflows on restricted filesystems were failing silently. Runtime state now lives in /tmp where it can actually be written.
Cross-repo compatibility checks (#26802): A new daily Claude workflow automatically discovers repositories using gh-aw and runs compile checks against the latest build. Compatibility regressions now get caught before they reach users.

v0.68.6 — April 17

The headline release of the week, with a brand-new engine and important security improvements:

OpenCode engine — Set engine: opencode to use OpenCode as your agentic engine, joining Copilot, Claude, and Codex as first-class options.
engine.bare mode — Set engine.bare: true to skip loading AGENTS.md. Perfect for triage, reporting, and ops workflows where repository code context just adds noise.
Pre-agent steps — The new pre-agent-steps frontmatter field lets you run custom GitHub Actions steps before the AI agent starts — great for authentication, environment setup, or any prerequisite work.
cache-memory working-tree sanitization — Before each agent run, the working tree is now scanned and cleaned of planted executables and disallowed files from cached memory. This closes a real supply-chain attack vector.

v0.68.5 — April 16

Quality-of-life improvements and more security hardening:

MCP config at .github/mcp.json (#26665): The MCP configuration file has moved from .mcp.json (repo root) to .github/mcp.json, aligning with standard GitHub configuration conventions. The init flow creates the new path automatically.
shared/reporting-otlp.md import bundle (#26655): One import now replaces two for telemetry-enabled reporting workflows.
Environment-level secrets fixed (#26650): The environment: frontmatter field now correctly propagates to the activation job.

v0.68.4 — April 16

A substantial patch resolving 21 community-reported issues:

BYOK Copilot mode (#26544): New byok-copilot feature flag wires offline Copilot support.
SideRepoOps maintenance workflow (#26382): The compiler now auto-generates agentics-maintenance.yml for target repositories in SideRepoOps patterns.
MCP servers as local CLIs (#25928): MCP servers can now be mounted as local CLI commands after the gateway starts, enabling richer tool integrations.

v0.68.3 — April 14

Observability and reliability improvements:

Model-not-supported detection (#26229): When a model is unavailable for your plan, the workflow now stops retrying and surfaces a clear error instead of spinning indefinitely.
Time Between Turns (TBT) metric (#26321): gh aw audit and gh aw logs now report TBT — a key indicator of whether LLM prompt caching is working for your workflows.
env and checkout fields in shared imports (#26113, #26292): Shared importable workflows now support both env: and checkout: fields, eliminating common workarounds.

Agent of the Week: auto-triage-issues

The unsung hero of issue hygiene — reads every unlabeled issue and applies the right labels so the right people see it, automatically, on a schedule.

This week auto-triage-issues kept its usual steady pace, triaging issues as they came in. In one run, it spotted issue #27290 — a question about ecosystem groups in the frontmatter/compilation pipeline — and correctly labeled it compiler within 24 seconds flat. In another run, it encountered an issue that the integrity policy had filtered before the agent could even read the title, so it did the responsible thing: skipped labeling, created a summary discussion, and politely told the maintainers to take a look themselves.

Even when it can’t act, it doesn’t just silently fail — it leaves a breadcrumb so nothing falls through the cracks.

Usage tip: Pair auto-triage-issues with a notify workflow on high-priority labels (like security or breaking-change) so your team gets paged for the things that actually matter.

→ View the workflow on GitHub

Try It Out

With v0.68.7 now available, it’s a great time to update and explore the new OpenCode engine, engine.bare mode, or pre-agent steps. As always, feedback and contributions are very welcome in github/gh-aw.