[integrity] DIFC Integrity-Filtered Events Report — 2026-03-19 #21866
Closed
Replies: 1 comment
-
|
This discussion has been marked as outdated by Daily DIFC Integrity-Filtered Events Analyzer. A newer discussion is available at Discussion #21933. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Executive Summary
In the last 7 days, 1,543 DIFC integrity-filtered events were detected across 52 workflow runs. The most frequently filtered tool was
list_issues(1,132 events — 73% of all events), and filtering was heavily concentrated on a single day: 2026-03-19 accounted for 1,473 events (95%), compared to just 70 on 2026-03-18. This sharp concentration suggests the surge is driven by a high volume of issue-triggering activity on March 19 rather than a systemic change.The two dominant workflows — Auto-Triage Issues (616 events) and AI Moderator (615 events) — together account for 80% of all filtered events. Both workflows routinely call
list_issuesandsearch_issueson content contributed by external users, which the DIFC system correctly flags as having lower integrity (none:alltagged) than the agent's required level. This is expected behavior for community-facing workflows processing untrusted issue/PR bodies. The Sub-Issue Closer and Daily Documentation Updater show notable spikes (100 and 73 events respectively) that may warrant review.Key Metrics
none:all(1,543 events)unapproved:alltagprivatesecrecy taggithub(100%)📈 Events Over Time
The timeline reveals a sharp spike on 2026-03-19, with virtually no activity on 2026-03-18 (70 events). This is consistent with batch processing runs scheduled or triggered on March 19. The near-total concentration in a single day means the 7-day trend is essentially a point-in-time snapshot — additional days of data will be needed to assess whether this level is typical or elevated.
🔧 Top Filtered Tools
list_issuesdominates at 1,132 events (73%), followed bysearch_issues(244, 16%) andsearch_pull_requests(97, 6%). All seven affected tools are GitHub MCP tools that return content authored by external users — the filtering is triggered because those resources carrynone:allintegrity tags, which are insufficient for the agent's trust requirements.get_meandlist_discussionsappear as minor contributors (5 and 3 events respectively), suggesting they are edge cases rather than systemic issues.🏷️ Workflow & Tag Breakdown
All 1,543 filtered events carry the
none:allintegrity tag, meaning every event involves resources that have not been assigned any positive integrity classification. 210 events (14%) additionally carryunapproved:all, indicating resources authored by contributors who have not been approved. Only 8 events involveprivatesecrecy-tagged resources, meaning secret leakage risk is minimal.📋 Per-Workflow Breakdown
📋 Per-Server Breakdown
All filtering originates from the
githubMCP server. No other MCP servers (playwright, custom tools, etc.) triggered integrity filtering in this period.📋 Top Filtered Issues (by specific resource)
The most frequently blocked individual resources by reason string:
unapproved:all+approved:allunapproved:all+approved:allunapproved:all+approved:allunapproved:all+approved:allThese specific issues appear repeatedly across multiple workflow runs (e.g., Auto-Triage Issues, AI Moderator), suggesting they are high-activity community issues that are continuously being processed by automated workflows.
💡 Tuning Recommendations
Auto-Triage Issues & AI Moderator — consider bulk
list_issuesintegrity elevation: These workflows calllist_issues20–25 times per run in rapid succession. If the intended behavior is to process all open issues regardless of contributor status, consider configuring the activation job to apply a baselineread-only:issuesintegrity grant at the workflow level, allowing the agent to consume issue lists without triggering per-resource DIFC blocks.unapproved:allresources (210 events): Issues authored by contributors who are not on the approved list are generating a large share of filtered events. Review whether theAuto-Triage IssuesandAI Moderatorworkflows should be permitted to act on unapproved contributor issues, and if so, add an explicit integrity policy that covers this case.Sub-Issue Closer spike (100 events in one run): This is a high count for a single run. Investigate whether the workflow is fetching the full open issue list (which would produce many
none:alltagged resources in one batch). If the run was processing a large backlog, the spike may be a one-time event; if it's recurring, consider paginating or filtering the issue list before passing resources to the agent.Daily Documentation Updater (73 events, one run): Similarly, 73 events in a single run of this workflow suggests it is calling
search_pull_requestsorlist_issuesat scale. Verify whether the workflow's prompt or tool usage has changed recently and whether integrity tags could be elevated for internal PRs.Private secrecy-tagged events (8 events): A small but non-zero set of events involves
privatesecrecy-tagged resources (syntheticissue:#0entries). Confirm these are expected (placeholder resources from activation context) and not real private data leaking through the pipeline.get_mefiltering (5 events across AI Moderator): Theget_metool should not normally return integrity-tagged resources. These events likely indicate the GitHub MCP server is applying conservative defaults. Consider whitelistingget_meas a zero-integrity-risk tool if confirmed safe.Monitor daily trend as data accumulates: With only 2 days of data in this window, it is not possible to establish a baseline. Run this report daily for 1–2 weeks to determine whether 1,000–1,500 events/day is normal or an anomaly.
Generated by the Daily Integrity Analysis workflow
Analysis window: Last 7 days | Repository: github/gh-aw
Run: §23318632802
Beta Was this translation helpful? Give feedback.
All reactions