You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the last 7 days, 420 DIFC integrity-filtered events were detected across 21 workflow runs spanning 9 distinct workflows. All 420 events share the same filter reason: resources with none:all or unapproved:all integrity tags were blocked because agents require a minimum integrity level of "approved". The filtering is concentrated on a single day (2026-03-24), with a notable spike at 18:00 UTC (114 events in one hour driven by the Auto-Triage Issues workflow).
The dominant workflow by volume is Auto-Triage Issues (188 events, 45% of total), followed by AI Moderator (101 events). These workflows regularly encounter issues and PRs submitted by external contributors who have not yet been approved, which is the expected operation of the DIFC integrity system — the filtering is working as designed. No secrecy-tag filtering was observed in this period.
Key Metrics
Metric
Value
Total filtered events
420
Unique tools filtered
6
Unique workflows affected
9
Most common filter reason
Integrity below "approved" (100%)
Dominant integrity tag
none:all (420 events)
Secondary tag
unapproved:all (124 events)
Busiest day
2026-03-24 (418 events)
Busiest hour
2026-03-24T18:00 UTC (114 events)
📈 Events Over Time
Virtually all events (418 of 420) occurred on 2026-03-24, indicating today was unusually active — likely due to a surge of new external issue submissions (e.g., issue #22713 by dduran28, issue #22533 by mlinksva). The 18:00 UTC spike corresponds to a single Auto-Triage Issues run processing a large batch of unapproved issues.
🔧 Top Filtered Tools
list_issues dominates (325 events, 77%) because triage and moderator workflows iterate over open issues to find unapproved ones. search_issues (74 events, 18%) is the second most filtered call. Direct issue_read (15 events) and PR tools (search_pull_requests, pull_request_read, list_pull_requests) account for the remaining 6%.
🏷️ Filter Reasons and Tags
100% of events are integrity-filtered (no secrecy filtering). The top integrity tag none:all (420 events) indicates resources from contributors with no association to the repository. unapproved:all (124 events) appears as a secondary tag on some events, representing resources that have been explicitly flagged as not yet approved. The absence of secrecy-tag events confirms agents are not leaking private data to untrusted tools.
📋 Per-Workflow Breakdown
Workflow
Filtered Events
Auto-Triage Issues
188
AI Moderator
101
Issue Triage Agent
45
Sub-Issue Closer
41
Dev
35
Daily Team Evolution Insights
4
Code Simplifier
3
Release
2
Glossary Maintainer
1
📋 Per-Server Breakdown
MCP Server
Filtered Events
github
420
👤 Per-User Breakdown
Author Login
Filtered Events
dsyme
62
samuelkahessay
46
mnkiefer
32
mlinksva
20
chrizbo
15
strawgate
15
veverkap
14
pelikhan
12
TiggySravan
11
microsasa
11
mhavelock
10
jaroslawgajewski
9
Rubyj
9
johnwilliams-12
9
haritha-px
8
MH0386
8
diogenesc
8
unknown
7
Corb3nik
7
arezero
7
dduran28
6
Esomoire-consultancy-Company
6
(+ 27 more users with ≤5 events each)
—
🔍 Per-User Analysis
All filtering is driven by human external contributors, not bots. dsyme leads with 62 events (15%), followed by samuelkahessay (46) and mnkiefer (32). These are not automation actors — they are repository contributors whose issues or PRs have not yet received the "approved" integrity label. The high per-user counts reflect repeated attempts by workflows to read the same unapproved resource across multiple workflow runs (e.g., Auto-Triage Issues running on new comments or scheduled triggers). No single bot account is driving disproportionate filtering.
💡 Tuning Recommendations
High list_issues filter rate (325/420 events): The Auto-Triage Issues and AI Moderator workflows are iterating over all open issues including unapproved ones. Consider pre-filtering at the prompt level by restricting the issue query to only approved issues (e.g., with a label filter), reducing unnecessary DIFC trips.
Recurring high-volume issues: Issues like #22533 (22 hits) and #22510 (15 hits) are being read repeatedly across many runs. These issues should be reviewed for approval — if they contain valid bug reports or feature requests, approving them would eliminate the repeated filtering noise.
Sub-Issue Closer workflow (41 events): This workflow generated a high number of filters relative to its single run. Investigate whether it processes a bulk list of issues in one execution and consider whether it needs access to unapproved issues at all.
Dev workflow (35 events in 1 run): The Dev workflow triggered 35 filtered events in a single run. Review whether the workflow prompt or tool use inadvertently processes unapproved issues/PRs that it shouldn't need.
Monitor unapproved:all tag growth: 124 events (30%) involved resources tagged unapproved:all. If this count grows, it may indicate a backlog of issues awaiting human review for approval.
No secrecy filtering detected: The absence of secrecy-filtered events is a positive signal — agents are not passing confidential outputs to untrusted tool calls.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Executive Summary
In the last 7 days, 420 DIFC integrity-filtered events were detected across 21 workflow runs spanning 9 distinct workflows. All 420 events share the same filter reason: resources with
none:allorunapproved:allintegrity tags were blocked because agents require a minimum integrity level of "approved". The filtering is concentrated on a single day (2026-03-24), with a notable spike at 18:00 UTC (114 events in one hour driven by the Auto-Triage Issues workflow).The dominant workflow by volume is Auto-Triage Issues (188 events, 45% of total), followed by AI Moderator (101 events). These workflows regularly encounter issues and PRs submitted by external contributors who have not yet been approved, which is the expected operation of the DIFC integrity system — the filtering is working as designed. No secrecy-tag filtering was observed in this period.
Key Metrics
none:all(420 events)unapproved:all(124 events)📈 Events Over Time
Virtually all events (418 of 420) occurred on 2026-03-24, indicating today was unusually active — likely due to a surge of new external issue submissions (e.g., issue #22713 by
dduran28, issue #22533 bymlinksva). The 18:00 UTC spike corresponds to a single Auto-Triage Issues run processing a large batch of unapproved issues.🔧 Top Filtered Tools
list_issuesdominates (325 events, 77%) because triage and moderator workflows iterate over open issues to find unapproved ones.search_issues(74 events, 18%) is the second most filtered call. Directissue_read(15 events) and PR tools (search_pull_requests,pull_request_read,list_pull_requests) account for the remaining 6%.🏷️ Filter Reasons and Tags
100% of events are integrity-filtered (no secrecy filtering). The top integrity tag
none:all(420 events) indicates resources from contributors with no association to the repository.unapproved:all(124 events) appears as a secondary tag on some events, representing resources that have been explicitly flagged as not yet approved. The absence of secrecy-tag events confirms agents are not leaking private data to untrusted tools.📋 Per-Workflow Breakdown
📋 Per-Server Breakdown
👤 Per-User Breakdown
🔍 Per-User Analysis
All filtering is driven by human external contributors, not bots.
dsymeleads with 62 events (15%), followed bysamuelkahessay(46) andmnkiefer(32). These are not automation actors — they are repository contributors whose issues or PRs have not yet received the "approved" integrity label. The high per-user counts reflect repeated attempts by workflows to read the same unapproved resource across multiple workflow runs (e.g., Auto-Triage Issues running on new comments or scheduled triggers). No single bot account is driving disproportionate filtering.💡 Tuning Recommendations
High
list_issuesfilter rate (325/420 events): The Auto-Triage Issues and AI Moderator workflows are iterating over all open issues including unapproved ones. Consider pre-filtering at the prompt level by restricting the issue query to onlyapprovedissues (e.g., with a label filter), reducing unnecessary DIFC trips.Recurring high-volume issues: Issues like
#22533(22 hits) and#22510(15 hits) are being read repeatedly across many runs. These issues should be reviewed for approval — if they contain valid bug reports or feature requests, approving them would eliminate the repeated filtering noise.Sub-Issue Closer workflow (41 events): This workflow generated a high number of filters relative to its single run. Investigate whether it processes a bulk list of issues in one execution and consider whether it needs access to unapproved issues at all.
Dev workflow (35 events in 1 run): The Dev workflow triggered 35 filtered events in a single run. Review whether the workflow prompt or tool use inadvertently processes unapproved issues/PRs that it shouldn't need.
Monitor
unapproved:alltag growth: 124 events (30%) involved resources taggedunapproved:all. If this count grows, it may indicate a backlog of issues awaiting human review for approval.No secrecy filtering detected: The absence of secrecy-filtered events is a positive signal — agents are not passing confidential outputs to untrusted tool calls.
Generated by the Daily Integrity Analysis workflow
Analysis window: Last 7 days | Repository: github/gh-aw
Run: https://github.com/github/gh-aw/actions/runs/23509792463
Beta Was this translation helpful? Give feedback.
All reactions