feat: add AWF issue auditor workflow #1459

Merged
lpcox merged 1 commit into main from feat/awf-issue-auditor
Mar 26, 2026

Conversation

@lpcox
Collaborator

@lpcox lpcox commented Mar 26, 2026

Summary

Adds an agentic workflow (awf-issue-auditor) that runs every 6 hours to audit issues in github/gh-aw labeled awf and creates corresponding tracking issues in gh-aw-firewall.

What it does

  1. Lists open issues in github/gh-aw with the awf label
  2. Skips issues that already have a comment linking to a gh-aw-firewall issue
  3. For each unprocessed issue, creates a tracking issue in gh-aw-firewall with:
    • Problem description from the firewall's perspective
    • Root cause analysis referencing specific AWF source files
    • Proposed solution
  4. Comments on the original gh-aw issue with a link to the new tracking issue

Configuration

  • Schedule: Every 6 hours (fuzzy) + manual dispatch
  • Cross-repo auth: Uses GH_AW_CROSS_REPO_PAT secret for reading gh-aw and writing to both repos
  • Safe outputs: Up to 10 issues + 10 comments per run
  • min-integrity: none (reads all issue content regardless of author association)
  • Labels: Created issues are tagged awf-triage

Prerequisites

  • GH_AW_CROSS_REPO_PAT repository secret with access to both github/gh-aw (read) and github/gh-aw-firewall (write)

Adds an agentic workflow that runs every 6 hours to audit
github/gh-aw issues labeled 'awf' and creates tracking issues
in gh-aw-firewall with problem analysis and proposed solutions.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@lpcox lpcox requested a review from Mossaka as a code owner March 26, 2026 20:09
Copilot AI review requested due to automatic review settings March 26, 2026 20:09
@github-actions
Contributor

✅ Coverage Check Passed

Overall Coverage

Metric Base PR Delta
Lines 82.73% 82.83% 📈 +0.10%
Statements 82.39% 82.49% 📈 +0.10%
Functions 81.44% 81.44% ➡️ +0.00%
Branches 76.06% 76.11% 📈 +0.05%
📁 Per-file Coverage Changes (1 file)
File Lines (Before → After) Statements (Before → After)
src/docker-manager.ts 85.7% → 86.1% (+0.43%) 85.2% → 85.6% (+0.42%)

Coverage comparison generated by scripts/ci/compare-coverage.ts

Contributor

Copilot AI left a comment


Pull request overview

Adds a new gh-aw agentic workflow that periodically triages github/gh-aw issues labeled awf by creating corresponding tracking issues in github/gh-aw-firewall, then back-linking via a comment.

Changes:

  • Introduces the awf-issue-auditor agent prompt/workflow definition (.md).
  • Adds the compiled/locked GitHub Actions workflow (.lock.yml) for scheduled + manual runs.
  • Updates the repo’s action pin lockfile to include github/gh-aw-actions/setup@v0.63.0.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File Description
.github/workflows/awf-issue-auditor.md Defines the agent instructions, repo allowlist, and safe-output constraints for cross-repo auditing.
.github/workflows/awf-issue-auditor.lock.yml Generated compiled workflow implementing the scheduled agent run, MCP gateway, and safe output processing.
.github/aw/actions-lock.json Adds the pinned github/gh-aw-actions/setup@v0.63.0 entry required by the new compiled workflow.
Comments suppressed due to low confidence (2)

.github/workflows/awf-issue-auditor.md:45

  • The skip heuristic only checks for a full URL to github/gh-aw-firewall/issues/.... In this repo, tracking links are sometimes written as plain text (e.g. gh-aw-firewall issue #123), so this could create duplicate tracking issues for already-audited items. Consider matching both URL links and the common gh-aw-firewall issue #<n> pattern (and/or checking issue body as well as comments).
### 2. Filter Out Already-Audited Issues

For each issue found, read its comments and check whether any comment contains a link to a `github/gh-aw-firewall` issue (i.e., a URL matching `https://github.com/github/gh-aw-firewall/issues/`). If such a comment exists, **skip** that issue — it has already been audited.

.github/workflows/awf-issue-auditor.md:41

  • Safe outputs are capped at 10 create-issue + 10 add-comment actions per run, but the prompt currently instructs the agent to search/process all matching issues. To avoid wasted runtime and partial/non-deterministic processing when limits are hit, consider explicitly telling the agent to process at most 10 unprocessed issues per run (and define an ordering, e.g. oldest-first).
### 1. List AWF-Labeled Issues

Search for all **open** issues in `github/gh-aw` with the label `awf`.


### 1. List AWF-Labeled Issues

Search for all **open** issues in `github/gh-aw` with the label `awf`.

Copilot AI Mar 26, 2026


Step 1 says to "Search for all open issues" with label awf, but GitHub search commonly includes pull requests unless is:issue is specified. To avoid accidentally creating firewall tracking issues for PRs, update the instructions to explicitly include is:issue in the query (e.g. repo:github/gh-aw is:open is:issue label:awf).

This issue also appears in the following locations of the same file:

  • line 38
  • line 42
Suggested change
Search for all **open** issues in `github/gh-aw` with the label `awf`.
Search for all **open** issues in `github/gh-aw` with the label `awf` using this query: `repo:github/gh-aw is:open is:issue label:awf`.

github-token: ${{ secrets.GH_AW_CROSS_REPO_PAT }}
create-issue:
max: 10
labels: [awf-triage]

Copilot AI Mar 26, 2026


create-issue isn’t constrained to only create issues in github/gh-aw-firewall (there’s no repo allowlist/target specified for it), while the safeoutputs write-sink accepts both github/gh-aw and github/gh-aw-firewall. If the intent is to only create tracking issues in gh-aw-firewall, consider adding a repo restriction/target for create-issue (if supported by safe-outputs config) so the agent can’t create issues in github/gh-aw by mistake.

Suggested change
labels: [awf-triage]
labels: [awf-triage]
allowed-repos: ["github/gh-aw-firewall"]

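The issue-selection logic the PR description lays out (list `awf`-labeled issues, skip the ones that already carry a back-link, process the rest) with the review's three points folded in, as an added example that is not the workflow's own code or anything from the gh-aw-firewall repository. It uses `is:issue` so pull requests are never turned into tracking issues, recognises both the URL form and the plain-text `gh-aw-firewall issue #N` form of a back-link in the issue body as well as in comments, and caps a run at a fixed number of issues processed oldest-first so hitting the safe-output limit yields deterministic, resumable progress. The `SourceIssue` field names and the sample issues are constructed for this example and are not the GitHub API's exact shape.

```typescript
// Added example (not code from gh-aw or gh-aw-firewall). Field names below are
// assumptions for illustration, not the GitHub REST/GraphQL schema.

const SOURCE_REPO = "github/gh-aw";
const TRACKING_REPO = "github/gh-aw-firewall";
const LABEL = "awf";

interface SourceIssue {
  number: number;
  title: string;
  body: string;
  createdAt: string;       // ISO 8601 timestamp
  isPullRequest: boolean;  // GitHub search returns PRs too unless is:issue is used
  comments: string[];      // comment bodies, assumed already fetched
}

// Search query with is:issue so pull requests are excluded up front.
function buildSearchQuery(): string {
  return `repo:${SOURCE_REPO} is:open is:issue label:${LABEL}`;
}

// Full URL to a tracking issue, e.g. https://github.com/github/gh-aw-firewall/issues/77
const URL_LINK = new RegExp(
  `https://github\\.com/${TRACKING_REPO}/issues/(\\d+)\\b`,
  "i",
);
// Plain-text form, e.g. "gh-aw-firewall issue #77"
const TEXT_LINK = /gh-aw-firewall\s+issue\s*#(\d+)/i;

// Returns the tracking issue number referenced by the text, or null if none.
function findTrackingRef(text: string): number | null {
  const m = URL_LINK.exec(text) ?? TEXT_LINK.exec(text);
  return m ? Number(m[1]) : null;
}

// An issue counts as already audited if its body or any comment references a
// tracking issue in either form.
function isAlreadyAudited(issue: SourceIssue): boolean {
  return [issue.body, ...issue.comments].some((t) => findTrackingRef(t) !== null);
}

// Picks at most `limit` unprocessed issues, oldest first. Ordering matters:
// with a per-run safe-output cap, the same issues would otherwise be skipped
// or duplicated non-deterministically from one run to the next.
function selectUnprocessed(issues: SourceIssue[], limit: number): SourceIssue[] {
  return issues
    .filter((i) => !i.isPullRequest && !isAlreadyAudited(i))
    .sort((a, b) => Date.parse(a.createdAt) - Date.parse(b.createdAt))
    .slice(0, limit);
}

// Constructed sample input covering each branch of the filter.
const SAMPLE_ISSUES: SourceIssue[] = [
  { number: 101, title: "Firewall blocks registry", body: "",
    createdAt: "2026-03-20T10:00:00Z", isPullRequest: false, comments: [] },
  { number: 102, title: "Already audited via URL", body: "",
    createdAt: "2026-03-19T10:00:00Z", isPullRequest: false,
    comments: ["Tracking: https://github.com/github/gh-aw-firewall/issues/77"] },
  { number: 103, title: "Already audited via plain text",
    body: "See gh-aw-firewall issue #78 for the fix.",
    createdAt: "2026-03-18T10:00:00Z", isPullRequest: false, comments: [] },
  { number: 104, title: "A PR that carries the awf label", body: "",
    createdAt: "2026-03-17T10:00:00Z", isPullRequest: true, comments: [] },
  { number: 105, title: "Oldest unprocessed issue", body: "",
    createdAt: "2026-03-16T10:00:00Z", isPullRequest: false,
    comments: ["unrelated comment"] },
];

// Returns the issue numbers a single run would process, in order.
function demo(): number[] {
  return selectUnprocessed(SAMPLE_ISSUES, 10).map((i) => i.number);
}

console.log(buildSearchQuery());
console.log(demo()); // 105 and 101 remain; 102/103 are back-linked, 104 is a PR
```

This covers the agent-side half of the problem only. The second review comment, restricting `create-issue` to `github/gh-aw-firewall` via safe-outputs configuration, is a policy control enforced outside the agent and is the one that prevents a mis-targeted write even if the selection logic is wrong.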
@github-actions
Contributor

Smoke Test Results — PASS

💥 [THE END] — Illustrated by Smoke Claude for issue #1459

@github-actions
Contributor

Smoke test results for run 23615672892:

Overall: PASS

PR author: @lpcox. No assignees on this PR.

📰 BREAKING: Report filed by Smoke Copilot for issue #1459

@github-actions
Contributor

🏗️ Build Test Suite Results

Ecosystem Project Build/Install Tests Status
Bun elysia 1/1 passed ✅ PASS
Bun hono 1/1 passed ✅ PASS
C++ fmt N/A ✅ PASS
C++ json N/A ✅ PASS
Deno oak N/A 1/1 passed ✅ PASS
Deno std N/A 1/1 passed ✅ PASS
.NET hello-world N/A ✅ PASS
.NET json-parse N/A ✅ PASS
Go color 1/1 passed ✅ PASS
Go env 1/1 passed ✅ PASS
Go uuid 1/1 passed ✅ PASS
Java gson 1/1 passed ✅ PASS
Java caffeine 1/1 passed ✅ PASS
Node.js clsx All passed ✅ PASS
Node.js execa All passed ✅ PASS
Node.js p-limit All passed ✅ PASS
Rust fd 1/1 passed ✅ PASS
Rust zoxide 1/1 passed ✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Generated by Build Test Suite for issue #1459 ·

@github-actions
Contributor

🔮 Oracle smoke ledger for PR #1459

  • Last 2 merged PRs reviewed (MCP): ✅ fix: auto-inject GH_HOST from GITHUB_SERVER_URL when --env-all is used; fix: allow host service ports for GitHub Actions services containers
  • safeinputs-gh pr list --limit 2: ❌ (tool unavailable in this run)
  • Playwright github.com title contains "GitHub": ✅
  • Tavily search "GitHub Agentic Workflows Firewall": ❌ (tool unavailable)
  • File write + bash cat verification: ✅
  • Discussion query/comment workflow: ❌ (github-discussion-query unavailable; only one safe-output call permitted)
  • npm ci && npm run build: ✅
  • Overall status: FAIL

🔮 The oracle has spoken through Smoke Codex

Warning

⚠️ Firewall blocked 2 domains

The following domains were blocked by the firewall during workflow execution:

  • ab.chatgpt.com
  • registry.npmjs.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "ab.chatgpt.com"
    - "registry.npmjs.org"

See Network Configuration for more information.

@lpcox lpcox merged commit d2cf79c into main Mar 26, 2026
58 checks passed
@lpcox lpcox deleted the feat/awf-issue-auditor branch March 26, 2026 20:38