Fix observability workflow to use MCP server tools

[github-actions]

Q Workflow Optimization Report

Issues Found (from live data)

Daily Observability Report (daily-observability-report.md)

• Analysis Source: Discussion #11692 - Daily Regulatory Report
• Run ID Analyzed: §21318073275
• Issues Identified:
  • Critical: Log download failure - workflow reported 0 runs analyzed
  • Root Cause: Workflow instructions tell agent to run shell commands (gh aw logs) instead of using MCP server tools
  • Impact: Complete observability coverage failure - no firewall or MCP gateway telemetry data collected

Root Cause Analysis

The workflow is configured with tools: agentic-workflows: true which sets up the gh-aw MCP server exposing tools like status, logs, and audit. However, the workflow instructions contained shell command examples like:

gh aw status --json
gh aw logs --start-date -7d -o /tmp/gh-aw/observability-logs -c 100

When the agent tried to execute these shell commands, they failed because:

1. The commands should be called as MCP server tools with JSON parameters, not as shell commands
2. The MCP server tools use different output paths (/tmp/gh-aw/aw-mcp/logs/ not /tmp/gh-aw/observability-logs/)
3. The workflow didn't clarify that these are MCP tools, leading to confusion

Changes Made

.github/workflows/daily-observability-report.md

Added clear MCP tool guidance:

• Added warning at the top explaining that status, logs, and audit are MCP server tools
• Emphasized these should be called as tools with JSON parameters, not shell commands

Updated Phase 1 (Fetch Workflow Runs):

• Replaced shell command examples with MCP tool parameter examples
• Step 1.1: Updated to use status MCP tool with JSON parameters
• Step 1.2: Updated to use logs MCP tool with JSON parameters
• Step 1.3: Updated to reference correct output directory (/tmp/gh-aw/aw-mcp/logs/)

Updated file paths throughout:

• Changed /tmp/gh-aw/observability-logs/ → /tmp/gh-aw/aw-mcp/logs/ (MCP tool output location)
• Updated all path patterns to use the correct MCP tool output directory

Example of changes:

Before:

gh aw logs --start-date -7d -o /tmp/gh-aw/observability-logs -c 100

After:

Tool: logs
Parameters:
{
  "workflow_name": "",
  "count": 100,
  "start_date": "-7d",
  "parse": true
}

Expected Improvements

• Fixes critical observability failure: Workflow will now successfully download logs using MCP server tools
• Restores telemetry coverage: Firewall access logs and MCP gateway logs will be properly analyzed
• Prevents future confusion: Clear documentation of MCP tool usage vs shell commands
• Improves reliability: Agents will correctly use the configured MCP server tools

Validation

✅ Workflow compiled successfully with gh aw compile daily-observability-report

• No compilation errors
• Only expected warnings (unrelated to this fix)
• Generated lock file matches expected structure

Note: Lock file will be regenerated automatically after merge by the copilot agent.

References

• Investigation Source: Discussion #11692
• Failed Run: §21318073275
• MCP Server Documentation: The agentic-workflows MCP server exposes status, logs, audit, compile, and other tools
• Output Location: MCP tools automatically output to /tmp/gh-aw/aw-mcp/logs/

---

Q Mission Summary: Investigated Daily Regulatory Report findings, identified MCP tool configuration issue, made surgical fix to workflow instructions, validated compilation. This fix should restore the Daily Observability Report functionality and prevent similar issues in other workflows using the agentic-workflows MCP server.

AI generated by Q

---

Note

This was originally intended as a pull request, but the git push operation failed.

Workflow Run: View run details and download patch artifact

The patch file is available in the agent-artifacts artifact in the workflow run linked above.

To apply the patch locally:

# Download the artifact from the workflow run https://github.com/githubnext/gh-aw/actions/runs/21320594020
# (Use GitHub MCP tools if gh CLI is not available)
gh run download 21320594020 -n agent-artifacts

# The patch file will be at agent-artifacts/tmp/gh-aw/aw.patch after download
# Apply the patch
git am agent-artifacts/tmp/gh-aw/aw.patch

Show patch preview (149 of 149 lines)

From bb560a12820646df400bfafef18d5a64a4c69585 Mon Sep 17 00:00:00 2001
From: Q - Agentic Workflow Optimizer <agentic-workflows[bot]@github.com>
Date: Sat, 24 Jan 2026 19:52:53 +0000
Subject: [PATCH] fix: Update observability workflow to use MCP server tools

Fixes the Daily Observability Report workflow failure reported in #11692.

The workflow was configured with `tools: agentic-workflows: true` which sets up
the gh-aw MCP server, but the instructions told the agent to run shell commands
like `gh aw logs` instead of using the MCP server tools.

Changes:
- Updated Phase 1 instructions to use MCP server tools (`status`, `logs`, `audit`)
- Replaced shell command examples with MCP tool parameter examples
- Updated file paths to use `/tmp/gh-aw/aw-mcp/logs/` (MCP tool output location)
- Added clear warnings that these are MCP tools, not shell commands

The MCP server tools provide the same functionality but are called as tools
with JSON parameters instead of shell commands with CLI flags.

Related: #11692 (Daily Regulatory Report - Observability failure)
---
 .../workflows/daily-observability-report.md   | 72 +++++++++++++------
 1 file changed, 51 insertions(+), 21 deletions(-)

diff --git a/.github/workflows/daily-observability-report.md b/.github/workflows/daily-observability-report.md
index 3e3af1d..4e70d9b 100644
--- a/.github/workflows/daily-observability-report.md
+++ b/.github/workflows/daily-observability-report.md
@@ -36,6 +36,8 @@ imports:
 
 You are an expert site reliability engineer analyzing observability coverage for GitHub Agentic Workflows. Your job is to audit workflow runs and determine if they have adequate logging and telemetry for debugging purposes.
 
+**IMPORTANT**: This workflow uses the `agentic-workflows` MCP server which provides tools for interacting with gh-aw workflows. The tools `status`, `logs`, and `audit` are MCP server tools that you should call directly - they are NOT shell commands. Call them as MCP tools with JSON parameters.
+
 #
... (truncated)