From 61103a99f3b2d9a0474d955af717619cbaa70163 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 22 Feb 2026 18:34:03 +0000
Subject: [PATCH 1/7] Initial plan
From 976d601c3a40325b2fd6a86ebbebde8356a9c59e Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 22 Feb 2026 19:01:20 +0000
Subject: [PATCH 2/7] Refactor safe outputs prompt: extract static intro to
file in actions/setup/md/, wrap in XML tags
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
.../agent-performance-analyzer.lock.yml | 38 +---
.../workflows/agent-persona-explorer.lock.yml | 38 +---
.github/workflows/ai-moderator.lock.yml | 38 +---
.github/workflows/archie.lock.yml | 38 +---
.github/workflows/artifacts-summary.lock.yml | 38 +---
.github/workflows/audit-workflows.lock.yml | 38 +---
.github/workflows/auto-triage-issues.lock.yml | 38 +---
.github/workflows/blog-auditor.lock.yml | 38 +---
.github/workflows/bot-detection.lock.yml | 38 +---
.github/workflows/brave.lock.yml | 38 +---
.../breaking-change-checker.lock.yml | 38 +---
.github/workflows/changeset.lock.yml | 38 +---
.github/workflows/ci-coach.lock.yml | 38 +---
.github/workflows/ci-doctor.lock.yml | 38 +---
.../claude-code-user-docs-review.lock.yml | 38 +---
.../cli-consistency-checker.lock.yml | 38 +---
.../workflows/cli-version-checker.lock.yml | 38 +---
.github/workflows/cloclo.lock.yml | 38 +---
.../workflows/code-scanning-fixer.lock.yml | 38 +---
.github/workflows/code-simplifier.lock.yml | 38 +---
.../commit-changes-analyzer.lock.yml | 38 +---
.github/workflows/contribution-check.lock.yml | 38 +---
.../workflows/copilot-agent-analysis.lock.yml | 38 +---
.../copilot-cli-deep-research.lock.yml | 38 +---
.../copilot-pr-merged-report.lock.yml | 38 +---
.../copilot-pr-nlp-analysis.lock.yml | 38 +---
.../copilot-pr-prompt-analysis.lock.yml | 38 +---
.../copilot-session-insights.lock.yml | 38 +---
.github/workflows/craft.lock.yml | 38 +---
.../daily-assign-issue-to-user.lock.yml | 38 +---
.github/workflows/daily-choice-test.lock.yml | 38 +---
.../workflows/daily-cli-performance.lock.yml | 38 +---
.../workflows/daily-cli-tools-tester.lock.yml | 38 +---
.github/workflows/daily-code-metrics.lock.yml | 38 +---
.../workflows/daily-compiler-quality.lock.yml | 38 +---
.../daily-copilot-token-report.lock.yml | 38 +---
.github/workflows/daily-doc-updater.lock.yml | 38 +---
.github/workflows/daily-fact.lock.yml | 38 +---
.github/workflows/daily-file-diet.lock.yml | 38 +---
.../workflows/daily-firewall-report.lock.yml | 38 +---
.../workflows/daily-issues-report.lock.yml | 38 +---
.../daily-malicious-code-scan.lock.yml | 38 +---
.../daily-mcp-concurrency-analysis.lock.yml | 38 +---
.../daily-multi-device-docs-tester.lock.yml | 38 +---
.github/workflows/daily-news.lock.yml | 38 +---
.../daily-observability-report.lock.yml | 38 +---
.../daily-performance-summary.lock.yml | 38 +---
.github/workflows/daily-regulatory.lock.yml | 38 +---
.../daily-rendering-scripts-verifier.lock.yml | 38 +---
.../workflows/daily-repo-chronicle.lock.yml | 38 +---
.../daily-safe-output-optimizer.lock.yml | 38 +---
.../daily-safe-outputs-conformance.lock.yml | 38 +---
.../workflows/daily-secrets-analysis.lock.yml | 38 +---
.../daily-security-red-team.lock.yml | 38 +---
.github/workflows/daily-semgrep-scan.lock.yml | 38 +---
.../daily-syntax-error-quality.lock.yml | 38 +---
.../daily-team-evolution-insights.lock.yml | 38 +---
.github/workflows/daily-team-status.lock.yml | 38 +---
.../daily-testify-uber-super-expert.lock.yml | 38 +---
.../workflows/daily-workflow-updater.lock.yml | 38 +---
.github/workflows/deep-report.lock.yml | 38 +---
.github/workflows/delight.lock.yml | 38 +---
.github/workflows/dependabot-burner.lock.yml | 38 +---
.../workflows/dependabot-go-checker.lock.yml | 38 +---
.github/workflows/dev-hawk.lock.yml | 38 +---
.github/workflows/dev.lock.yml | 38 +---
.../developer-docs-consolidator.lock.yml | 38 +---
.github/workflows/dictation-prompt.lock.yml | 38 +---
.../workflows/discussion-task-miner.lock.yml | 38 +---
.github/workflows/docs-noob-tester.lock.yml | 38 +---
.github/workflows/draft-pr-cleanup.lock.yml | 38 +---
.../duplicate-code-detector.lock.yml | 38 +---
.../example-workflow-analyzer.lock.yml | 38 +---
.github/workflows/firewall-escape.lock.yml | 38 +---
.../workflows/functional-pragmatist.lock.yml | 38 +---
.../github-mcp-structural-analysis.lock.yml | 38 +---
.../github-mcp-tools-report.lock.yml | 38 +---
.../github-remote-mcp-auth-test.lock.yml | 38 +---
.../workflows/glossary-maintainer.lock.yml | 38 +---
.github/workflows/go-fan.lock.yml | 38 +---
.github/workflows/go-logger.lock.yml | 38 +---
.../workflows/go-pattern-detector.lock.yml | 38 +---
.github/workflows/gpclean.lock.yml | 38 +---
.github/workflows/grumpy-reviewer.lock.yml | 38 +---
.github/workflows/hourly-ci-cleaner.lock.yml | 38 +---
.../workflows/instructions-janitor.lock.yml | 38 +---
.github/workflows/issue-arborist.lock.yml | 38 +---
.github/workflows/issue-monster.lock.yml | 38 +---
.github/workflows/issue-triage-agent.lock.yml | 38 +---
.github/workflows/jsweep.lock.yml | 38 +---
.../workflows/layout-spec-maintainer.lock.yml | 38 +---
.github/workflows/lockfile-stats.lock.yml | 38 +---
.github/workflows/mcp-inspector.lock.yml | 38 +---
.github/workflows/mergefest.lock.yml | 38 +---
.../workflows/notion-issue-summary.lock.yml | 38 +---
.github/workflows/org-health-report.lock.yml | 38 +---
.github/workflows/pdf-summary.lock.yml | 38 +---
.github/workflows/plan.lock.yml | 38 +---
.github/workflows/poem-bot.lock.yml | 38 +---
.github/workflows/portfolio-analyst.lock.yml | 38 +---
.../workflows/pr-nitpick-reviewer.lock.yml | 38 +---
.github/workflows/pr-triage-agent.lock.yml | 38 +---
.../prompt-clustering-analysis.lock.yml | 38 +---
.github/workflows/python-data-charts.lock.yml | 38 +---
.github/workflows/q.lock.yml | 38 +---
.github/workflows/refiner.lock.yml | 38 +---
.github/workflows/release.lock.yml | 38 +---
.../workflows/repo-audit-analyzer.lock.yml | 38 +---
.github/workflows/repo-tree-map.lock.yml | 38 +---
.../repository-quality-improver.lock.yml | 38 +---
.github/workflows/research.lock.yml | 38 +---
.github/workflows/safe-output-health.lock.yml | 38 +---
.../schema-consistency-checker.lock.yml | 38 +---
.github/workflows/scout.lock.yml | 38 +---
.../workflows/security-compliance.lock.yml | 38 +---
.github/workflows/security-review.lock.yml | 38 +---
.../semantic-function-refactor.lock.yml | 38 +---
.github/workflows/sergo.lock.yml | 38 +---
.../workflows/slide-deck-maintainer.lock.yml | 38 +---
.github/workflows/smoke-agent.lock.yml | 38 +---
.github/workflows/smoke-claude.lock.yml | 38 +---
.github/workflows/smoke-codex.lock.yml | 38 +---
.github/workflows/smoke-copilot-arm.lock.yml | 38 +---
.github/workflows/smoke-copilot.lock.yml | 38 +---
.github/workflows/smoke-gemini.lock.yml | 38 +---
.github/workflows/smoke-multi-pr.lock.yml | 38 +---
.github/workflows/smoke-project.lock.yml | 38 +---
.github/workflows/smoke-temporary-id.lock.yml | 38 +---
.github/workflows/smoke-test-tools.lock.yml | 38 +---
.../workflows/stale-repo-identifier.lock.yml | 38 +---
.../workflows/static-analysis-report.lock.yml | 38 +---
.../workflows/step-name-alignment.lock.yml | 38 +---
.github/workflows/sub-issue-closer.lock.yml | 38 +---
.github/workflows/super-linter.lock.yml | 38 +---
.../workflows/technical-doc-writer.lock.yml | 38 +---
.github/workflows/terminal-stylist.lock.yml | 38 +---
.../test-create-pr-error-handling.lock.yml | 38 +---
.github/workflows/test-dispatcher.lock.yml | 38 +---
.../test-project-url-default.lock.yml | 38 +---
.github/workflows/tidy.lock.yml | 38 +---
.github/workflows/typist.lock.yml | 38 +---
.../workflows/ubuntu-image-analyzer.lock.yml | 38 +---
.github/workflows/unbloat-docs.lock.yml | 38 +---
.github/workflows/video-analyzer.lock.yml | 38 +---
.../weekly-editors-health-check.lock.yml | 38 +---
.../workflows/weekly-issue-summary.lock.yml | 38 +---
.../weekly-safe-outputs-spec-review.lock.yml | 38 +---
.github/workflows/workflow-generator.lock.yml | 38 +---
.../workflow-health-manager.lock.yml | 38 +---
.../workflows/workflow-normalizer.lock.yml | 38 +---
.../workflow-skill-extractor.lock.yml | 38 +---
actions/setup/md/safe_outputs_prompt.md | 26 +++
pkg/workflow/prompts_test.go | 31 ++-
.../safe_outputs_default_create_issue_test.go | 2 +-
pkg/workflow/sh.go | 1 +
pkg/workflow/unified_prompt_creation_test.go | 14 +-
pkg/workflow/unified_prompt_step.go | 183 ++----------------
pkg/workflow/unified_prompt_step_test.go | 3 +-
158 files changed, 522 insertions(+), 5476 deletions(-)
create mode 100644 actions/setup/md/safe_outputs_prompt.md
diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml
index 1cbba0d554a..41ee064b4d1 100644
--- a/.github/workflows/agent-performance-analyzer.lock.yml
+++ b/.github/workflows/agent-performance-analyzer.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -166,8 +135,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml
index 59561ee7b6b..b5a4ef27c8b 100644
--- a/.github/workflows/agent-persona-explorer.lock.yml
+++ b/.github/workflows/agent-persona-explorer.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -158,8 +127,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/ai-moderator.lock.yml b/.github/workflows/ai-moderator.lock.yml
index f95b11e8f9e..6632ef00531 100644
--- a/.github/workflows/ai-moderator.lock.yml
+++ b/.github/workflows/ai-moderator.lock.yml
@@ -149,40 +149,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding Labels to Issues or Pull Requests, Hiding a Comment, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding Labels to Issues or Pull Requests**
To add labels to an issue or pull request, use the add_labels tool from safeoutputs.
@@ -199,8 +168,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml
index 72cbc8f272b..fba99c27412 100644
--- a/.github/workflows/archie.lock.yml
+++ b/.github/workflows/archie.lock.yml
@@ -142,40 +142,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -188,8 +157,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml
index e828d915b13..2a8427e30ff 100644
--- a/.github/workflows/artifacts-summary.lock.yml
+++ b/.github/workflows/artifacts-summary.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml
index de99c2482fe..30a8476c4e7 100644
--- a/.github/workflows/audit-workflows.lock.yml
+++ b/.github/workflows/audit-workflows.lock.yml
@@ -113,40 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -167,8 +136,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/auto-triage-issues.lock.yml b/.github/workflows/auto-triage-issues.lock.yml
index 2217e3f3e44..c6a314dc292 100644
--- a/.github/workflows/auto-triage-issues.lock.yml
+++ b/.github/workflows/auto-triage-issues.lock.yml
@@ -127,40 +127,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Adding Labels to Issues or Pull Requests, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -177,8 +146,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml
index c69e66ebf75..bf8cbcaba50 100644
--- a/.github/workflows/blog-auditor.lock.yml
+++ b/.github/workflows/blog-auditor.lock.yml
@@ -111,40 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -157,8 +126,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/bot-detection.lock.yml b/.github/workflows/bot-detection.lock.yml
index 0adf3901c3a..778600aebe4 100644
--- a/.github/workflows/bot-detection.lock.yml
+++ b/.github/workflows/bot-detection.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Updating Issues, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -160,8 +129,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml
index 6d8b32edc58..b5489ff9901 100644
--- a/.github/workflows/brave.lock.yml
+++ b/.github/workflows/brave.lock.yml
@@ -132,40 +132,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -178,8 +147,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml
index 2ae11155f35..759510a3f4d 100644
--- a/.github/workflows/breaking-change-checker.lock.yml
+++ b/.github/workflows/breaking-change-checker.lock.yml
@@ -111,40 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -157,8 +126,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml
index ac60d52f0da..250120cff01 100644
--- a/.github/workflows/changeset.lock.yml
+++ b/.github/workflows/changeset.lock.yml
@@ -138,40 +138,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Updating a Pull Request, Pushing Changes to Branch, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Updating a Pull Request**
To update a pull request title or body, use the update_pull_request tool from safeoutputs.
@@ -191,8 +160,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml
index acc75bdd580..0a38f2b5066 100644
--- a/.github/workflows/ci-coach.lock.yml
+++ b/.github/workflows/ci-coach.lock.yml
@@ -113,40 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -164,8 +133,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml
index ad347362f2a..b42d0b63f22 100644
--- a/.github/workflows/ci-doctor.lock.yml
+++ b/.github/workflows/ci-doctor.lock.yml
@@ -126,40 +126,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Updating Issues, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -180,8 +149,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/claude-code-user-docs-review.lock.yml b/.github/workflows/claude-code-user-docs-review.lock.yml
index a39ab152a55..747bc5a4006 100644
--- a/.github/workflows/claude-code-user-docs-review.lock.yml
+++ b/.github/workflows/claude-code-user-docs-review.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -152,8 +121,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml
index 2973ecdab6d..f25db4381ef 100644
--- a/.github/workflows/cli-consistency-checker.lock.yml
+++ b/.github/workflows/cli-consistency-checker.lock.yml
@@ -104,40 +104,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -150,8 +119,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml
index 75be3ea998a..c1d6d0179d8 100644
--- a/.github/workflows/cli-version-checker.lock.yml
+++ b/.github/workflows/cli-version-checker.lock.yml
@@ -111,40 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -157,8 +126,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml
index 1923766583e..04485b1b1d6 100644
--- a/.github/workflows/cloclo.lock.yml
+++ b/.github/workflows/cloclo.lock.yml
@@ -173,40 +173,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -228,8 +197,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/code-scanning-fixer.lock.yml b/.github/workflows/code-scanning-fixer.lock.yml
index f5c5d6dfb5e..d6c0dd30e68 100644
--- a/.github/workflows/code-scanning-fixer.lock.yml
+++ b/.github/workflows/code-scanning-fixer.lock.yml
@@ -107,40 +107,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt_multi.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Adding Labels to Issues or Pull Requests, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -162,8 +131,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/code-simplifier.lock.yml b/.github/workflows/code-simplifier.lock.yml
index 04f752960be..26d5ab411ec 100644
--- a/.github/workflows/code-simplifier.lock.yml
+++ b/.github/workflows/code-simplifier.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -163,8 +132,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml
index bb3adb103f3..6a854e737b7 100644
--- a/.github/workflows/commit-changes-analyzer.lock.yml
+++ b/.github/workflows/commit-changes-analyzer.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -158,8 +127,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/contribution-check.lock.yml b/.github/workflows/contribution-check.lock.yml
index 2f8a1e94c2e..a00f132daaa 100644
--- a/.github/workflows/contribution-check.lock.yml
+++ b/.github/workflows/contribution-check.lock.yml
@@ -108,40 +108,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Adding Labels to Issues or Pull Requests, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -162,8 +131,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml
index 3395849f5b5..88b2b7f0dc4 100644
--- a/.github/workflows/copilot-agent-analysis.lock.yml
+++ b/.github/workflows/copilot-agent-analysis.lock.yml
@@ -113,40 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/copilot-cli-deep-research.lock.yml b/.github/workflows/copilot-cli-deep-research.lock.yml
index 82cd84b59e3..be8237de451 100644
--- a/.github/workflows/copilot-cli-deep-research.lock.yml
+++ b/.github/workflows/copilot-cli-deep-research.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml
index 5e09fae1adc..396def8cda7 100644
--- a/.github/workflows/copilot-pr-merged-report.lock.yml
+++ b/.github/workflows/copilot-pr-merged-report.lock.yml
@@ -103,40 +103,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -149,8 +118,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
GH_AW_PROMPT_EOF
cat << 'GH_AW_PROMPT_EOF'
diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml
index 1a3f9bb2325..13750df4ea3 100644
--- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml
+++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml
@@ -113,40 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -167,8 +136,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml
index 6801543023b..ce0c317763b 100644
--- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml
+++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml
@@ -113,40 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml
index ba14338f71e..0bbb987b0dc 100644
--- a/.github/workflows/copilot-session-insights.lock.yml
+++ b/.github/workflows/copilot-session-insights.lock.yml
@@ -117,40 +117,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -171,8 +140,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml
index 0e65af1f7e8..c8bc7bdacd0 100644
--- a/.github/workflows/craft.lock.yml
+++ b/.github/workflows/craft.lock.yml
@@ -128,40 +128,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Pushing Changes to Branch, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -181,8 +150,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml
index aacdc869935..d526134d180 100644
--- a/.github/workflows/daily-assign-issue-to-user.lock.yml
+++ b/.github/workflows/daily-assign-issue-to-user.lock.yml
@@ -104,40 +104,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Assigning to a User, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -154,8 +123,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-choice-test.lock.yml b/.github/workflows/daily-choice-test.lock.yml
index 43d0f17befd..cdc96a6ccb2 100644
--- a/.github/workflows/daily-choice-test.lock.yml
+++ b/.github/workflows/daily-choice-test.lock.yml
@@ -104,40 +104,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Reporting Missing Tools or Functionality**
To report a missing tool or capability, use the missing_tool tool from safeoutputs.
@@ -146,8 +115,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml
index 03b126d9596..765f38afaf4 100644
--- a/.github/workflows/daily-cli-performance.lock.yml
+++ b/.github/workflows/daily-cli-performance.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -162,8 +131,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml
index 0c6c325313d..7d4ef21bdfc 100644
--- a/.github/workflows/daily-cli-tools-tester.lock.yml
+++ b/.github/workflows/daily-cli-tools-tester.lock.yml
@@ -105,40 +105,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -151,8 +120,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml
index c20f92a8a05..95ec0d8c4b6 100644
--- a/.github/workflows/daily-code-metrics.lock.yml
+++ b/.github/workflows/daily-code-metrics.lock.yml
@@ -113,40 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -167,8 +136,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-compiler-quality.lock.yml b/.github/workflows/daily-compiler-quality.lock.yml
index c57ccafeb45..0eee2c8dad7 100644
--- a/.github/workflows/daily-compiler-quality.lock.yml
+++ b/.github/workflows/daily-compiler-quality.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml
index 01e6a49e37d..d1607a1cb70 100644
--- a/.github/workflows/daily-copilot-token-report.lock.yml
+++ b/.github/workflows/daily-copilot-token-report.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -166,8 +135,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml
index 8d1278c8cde..ac04e44725f 100644
--- a/.github/workflows/daily-doc-updater.lock.yml
+++ b/.github/workflows/daily-doc-updater.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -157,8 +126,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-fact.lock.yml b/.github/workflows/daily-fact.lock.yml
index f44a2db98e1..4783a6991d8 100644
--- a/.github/workflows/daily-fact.lock.yml
+++ b/.github/workflows/daily-fact.lock.yml
@@ -90,40 +90,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -136,8 +105,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml
index 964ff893f0a..7749bab3963 100644
--- a/.github/workflows/daily-file-diet.lock.yml
+++ b/.github/workflows/daily-file-diet.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -158,8 +127,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml
index d53f8e5009b..ab84300c051 100644
--- a/.github/workflows/daily-firewall-report.lock.yml
+++ b/.github/workflows/daily-firewall-report.lock.yml
@@ -111,40 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -165,8 +134,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml
index 6237e4cc73c..0e5940ff03c 100644
--- a/.github/workflows/daily-issues-report.lock.yml
+++ b/.github/workflows/daily-issues-report.lock.yml
@@ -116,40 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Closing a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -174,8 +143,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml
index 8a4d0ae9b4a..cc8bab1f54b 100644
--- a/.github/workflows/daily-malicious-code-scan.lock.yml
+++ b/.github/workflows/daily-malicious-code-scan.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Code Scanning Alert, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Code Scanning Alert**
To create a code scanning alert, use the create_code_scanning_alert tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
index cfeabea8a3b..4053e049f3d 100644
--- a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
+++ b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Creating an Agent Session, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -160,8 +129,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml
index 3905b5cae3e..e3de8f71cec 100644
--- a/.github/workflows/daily-multi-device-docs-tester.lock.yml
+++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml
@@ -117,40 +117,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -171,8 +140,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml
index a1920cca4d8..f85bccca697 100644
--- a/.github/workflows/daily-news.lock.yml
+++ b/.github/workflows/daily-news.lock.yml
@@ -114,40 +114,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -168,8 +137,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml
index ee4654ec8f7..d8449417a74 100644
--- a/.github/workflows/daily-observability-report.lock.yml
+++ b/.github/workflows/daily-observability-report.lock.yml
@@ -111,40 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Closing a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -161,8 +130,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml
index a60e997c93c..1907f34087d 100644
--- a/.github/workflows/daily-performance-summary.lock.yml
+++ b/.github/workflows/daily-performance-summary.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Closing a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -170,8 +139,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml
index e1612462fd5..c1ace42c61b 100644
--- a/.github/workflows/daily-regulatory.lock.yml
+++ b/.github/workflows/daily-regulatory.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Closing a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -160,8 +129,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-rendering-scripts-verifier.lock.yml b/.github/workflows/daily-rendering-scripts-verifier.lock.yml
index 43cfc8640ab..02d87ff968b 100644
--- a/.github/workflows/daily-rendering-scripts-verifier.lock.yml
+++ b/.github/workflows/daily-rendering-scripts-verifier.lock.yml
@@ -113,40 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -164,8 +133,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml
index f0bb446b3c4..1daca326712 100644
--- a/.github/workflows/daily-repo-chronicle.lock.yml
+++ b/.github/workflows/daily-repo-chronicle.lock.yml
@@ -111,40 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -165,8 +134,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml
index cd9adfef461..3d716d9388d 100644
--- a/.github/workflows/daily-safe-output-optimizer.lock.yml
+++ b/.github/workflows/daily-safe-output-optimizer.lock.yml
@@ -114,40 +114,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -160,8 +129,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-safe-outputs-conformance.lock.yml b/.github/workflows/daily-safe-outputs-conformance.lock.yml
index 1b1725766d7..1495cbffc39 100644
--- a/.github/workflows/daily-safe-outputs-conformance.lock.yml
+++ b/.github/workflows/daily-safe-outputs-conformance.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml
index dc645baec21..1ebac25f9e8 100644
--- a/.github/workflows/daily-secrets-analysis.lock.yml
+++ b/.github/workflows/daily-secrets-analysis.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Closing a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-security-red-team.lock.yml b/.github/workflows/daily-security-red-team.lock.yml
index 8bd44358c16..ce16466d7a3 100644
--- a/.github/workflows/daily-security-red-team.lock.yml
+++ b/.github/workflows/daily-security-red-team.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-semgrep-scan.lock.yml b/.github/workflows/daily-semgrep-scan.lock.yml
index 7138e5fbede..24c26b2793b 100644
--- a/.github/workflows/daily-semgrep-scan.lock.yml
+++ b/.github/workflows/daily-semgrep-scan.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Code Scanning Alert, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Code Scanning Alert**
To create a code scanning alert, use the create_code_scanning_alert tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml
index 1fcdec162f0..6828653dbca 100644
--- a/.github/workflows/daily-syntax-error-quality.lock.yml
+++ b/.github/workflows/daily-syntax-error-quality.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-team-evolution-insights.lock.yml b/.github/workflows/daily-team-evolution-insights.lock.yml
index ef47f6f5d89..b40d2a7b868 100644
--- a/.github/workflows/daily-team-evolution-insights.lock.yml
+++ b/.github/workflows/daily-team-evolution-insights.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml
index c46c463d564..158bd119043 100644
--- a/.github/workflows/daily-team-status.lock.yml
+++ b/.github/workflows/daily-team-status.lock.yml
@@ -118,40 +118,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -164,8 +133,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml
index d625206769f..e401bd1dda9 100644
--- a/.github/workflows/daily-testify-uber-super-expert.lock.yml
+++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml
@@ -114,40 +114,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -160,8 +129,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml
index de664d63cff..2bc9e1884a6 100644
--- a/.github/workflows/daily-workflow-updater.lock.yml
+++ b/.github/workflows/daily-workflow-updater.lock.yml
@@ -105,40 +105,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml
index 77e8e746733..d70023dd3b1 100644
--- a/.github/workflows/deep-report.lock.yml
+++ b/.github/workflows/deep-report.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -170,8 +139,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/delight.lock.yml b/.github/workflows/delight.lock.yml
index f195cf346cb..9d80028bc31 100644
--- a/.github/workflows/delight.lock.yml
+++ b/.github/workflows/delight.lock.yml
@@ -111,40 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -161,8 +130,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/dependabot-burner.lock.yml b/.github/workflows/dependabot-burner.lock.yml
index 6832290da4a..616470a6ae5 100644
--- a/.github/workflows/dependabot-burner.lock.yml
+++ b/.github/workflows/dependabot-burner.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -152,8 +121,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml
index 9a896407103..c6002ba2ff2 100644
--- a/.github/workflows/dependabot-go-checker.lock.yml
+++ b/.github/workflows/dependabot-go-checker.lock.yml
@@ -104,40 +104,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Closing an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -154,8 +123,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml
index f7b791d914c..18773488ecc 100644
--- a/.github/workflows/dev-hawk.lock.yml
+++ b/.github/workflows/dev-hawk.lock.yml
@@ -121,40 +121,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -167,8 +136,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml
index 2f1919afdd3..82cfc68b1ba 100644
--- a/.github/workflows/dev.lock.yml
+++ b/.github/workflows/dev.lock.yml
@@ -104,40 +104,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -150,8 +119,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml
index e5dd673fec6..9fb9a535752 100644
--- a/.github/workflows/developer-docs-consolidator.lock.yml
+++ b/.github/workflows/developer-docs-consolidator.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -165,8 +134,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml
index 846e28884fd..b3944965dea 100644
--- a/.github/workflows/dictation-prompt.lock.yml
+++ b/.github/workflows/dictation-prompt.lock.yml
@@ -108,40 +108,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/discussion-task-miner.lock.yml b/.github/workflows/discussion-task-miner.lock.yml
index f37d2e677c3..0f4bc8d304b 100644
--- a/.github/workflows/discussion-task-miner.lock.yml
+++ b/.github/workflows/discussion-task-miner.lock.yml
@@ -111,40 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -161,8 +130,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml
index f24005d31aa..010b54dca08 100644
--- a/.github/workflows/docs-noob-tester.lock.yml
+++ b/.github/workflows/docs-noob-tester.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -164,8 +133,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/draft-pr-cleanup.lock.yml b/.github/workflows/draft-pr-cleanup.lock.yml
index da66739b438..ed119ee0cad 100644
--- a/.github/workflows/draft-pr-cleanup.lock.yml
+++ b/.github/workflows/draft-pr-cleanup.lock.yml
@@ -105,40 +105,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Closing a Pull Request, Adding Labels to Issues or Pull Requests, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml
index 68179ec4453..56064f58888 100644
--- a/.github/workflows/duplicate-code-detector.lock.yml
+++ b/.github/workflows/duplicate-code-detector.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -152,8 +121,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml
index 53e5f42f48a..7b4a3e3880b 100644
--- a/.github/workflows/example-workflow-analyzer.lock.yml
+++ b/.github/workflows/example-workflow-analyzer.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml
index 7b815fe4713..aab0606ba2c 100644
--- a/.github/workflows/firewall-escape.lock.yml
+++ b/.github/workflows/firewall-escape.lock.yml
@@ -129,40 +129,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -175,8 +144,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/functional-pragmatist.lock.yml b/.github/workflows/functional-pragmatist.lock.yml
index ea9682228ae..55716ea5fae 100644
--- a/.github/workflows/functional-pragmatist.lock.yml
+++ b/.github/workflows/functional-pragmatist.lock.yml
@@ -108,40 +108,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml
index 198f909bcf1..5639505c09f 100644
--- a/.github/workflows/github-mcp-structural-analysis.lock.yml
+++ b/.github/workflows/github-mcp-structural-analysis.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -164,8 +133,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml
index 816855513a2..3293ee8c656 100644
--- a/.github/workflows/github-mcp-tools-report.lock.yml
+++ b/.github/workflows/github-mcp-tools-report.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -165,8 +134,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/github-remote-mcp-auth-test.lock.yml b/.github/workflows/github-remote-mcp-auth-test.lock.yml
index 0519e6a9d47..cf11b136422 100644
--- a/.github/workflows/github-remote-mcp-auth-test.lock.yml
+++ b/.github/workflows/github-remote-mcp-auth-test.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -152,8 +121,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml
index 39ead29eb07..1814818199b 100644
--- a/.github/workflows/glossary-maintainer.lock.yml
+++ b/.github/workflows/glossary-maintainer.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -161,8 +130,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml
index 6367d6ff567..efce769752c 100644
--- a/.github/workflows/go-fan.lock.yml
+++ b/.github/workflows/go-fan.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml
index 5ace94e96af..ce08e4d8041 100644
--- a/.github/workflows/go-logger.lock.yml
+++ b/.github/workflows/go-logger.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -161,8 +130,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml
index d8769ac96d9..25e6893ff53 100644
--- a/.github/workflows/go-pattern-detector.lock.yml
+++ b/.github/workflows/go-pattern-detector.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/gpclean.lock.yml b/.github/workflows/gpclean.lock.yml
index b9696321c1f..1beae9539c8 100644
--- a/.github/workflows/gpclean.lock.yml
+++ b/.github/workflows/gpclean.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -152,8 +121,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml
index 656c25263ce..72095495c89 100644
--- a/.github/workflows/grumpy-reviewer.lock.yml
+++ b/.github/workflows/grumpy-reviewer.lock.yml
@@ -133,40 +133,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request Review Comment, Submitting a Pull Request Review, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request Review Comment**
To create a pull request review comment, use the create_pull_request_review_comment tool from safeoutputs.
@@ -183,8 +152,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml
index 5c39ab1cd00..5b5e0dc73a5 100644
--- a/.github/workflows/hourly-ci-cleaner.lock.yml
+++ b/.github/workflows/hourly-ci-cleaner.lock.yml
@@ -113,40 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -164,8 +133,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml
index 12c71ca3650..8a1a188ae89 100644
--- a/.github/workflows/instructions-janitor.lock.yml
+++ b/.github/workflows/instructions-janitor.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -157,8 +126,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/issue-arborist.lock.yml b/.github/workflows/issue-arborist.lock.yml
index dae0d23b020..412de9c6c4a 100644
--- a/.github/workflows/issue-arborist.lock.yml
+++ b/.github/workflows/issue-arborist.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Creating a Discussion, Linking a Sub-Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -163,8 +132,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml
index 42fd6174e8f..1c43859363a 100644
--- a/.github/workflows/issue-monster.lock.yml
+++ b/.github/workflows/issue-monster.lock.yml
@@ -116,40 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Assigning to an Agent, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -166,8 +135,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml
index e219618902a..05802d09432 100644
--- a/.github/workflows/issue-triage-agent.lock.yml
+++ b/.github/workflows/issue-triage-agent.lock.yml
@@ -99,40 +99,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Adding Labels to Issues or Pull Requests, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -149,8 +118,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml
index 5bdc33729af..26686566e04 100644
--- a/.github/workflows/jsweep.lock.yml
+++ b/.github/workflows/jsweep.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -157,8 +126,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml
index b40a3a42c18..dd37502d26a 100644
--- a/.github/workflows/layout-spec-maintainer.lock.yml
+++ b/.github/workflows/layout-spec-maintainer.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -157,8 +126,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml
index 3cb118cd47f..a3002fbfac2 100644
--- a/.github/workflows/lockfile-stats.lock.yml
+++ b/.github/workflows/lockfile-stats.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml
index ab368b87180..f78af7869d7 100644
--- a/.github/workflows/mcp-inspector.lock.yml
+++ b/.github/workflows/mcp-inspector.lock.yml
@@ -124,40 +124,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -170,8 +139,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml
index 3b3280e17cc..85cb33399d9 100644
--- a/.github/workflows/mergefest.lock.yml
+++ b/.github/workflows/mergefest.lock.yml
@@ -126,40 +126,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Pushing Changes to Branch, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Pushing Changes to a Pull Request Branch**
To push changes to the branch of a pull request:
@@ -175,8 +144,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml
index 4a5357024a6..4bb0139dbec 100644
--- a/.github/workflows/notion-issue-summary.lock.yml
+++ b/.github/workflows/notion-issue-summary.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Reporting Missing Tools or Functionality**
To report a missing tool or capability, use the missing_tool tool from safeoutputs.
@@ -154,8 +123,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml
index 5f57a5db7ed..9937a83731c 100644
--- a/.github/workflows/org-health-report.lock.yml
+++ b/.github/workflows/org-health-report.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -166,8 +135,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml
index d5d6d9cf99b..dd96ba6a712 100644
--- a/.github/workflows/pdf-summary.lock.yml
+++ b/.github/workflows/pdf-summary.lock.yml
@@ -154,40 +154,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -204,8 +173,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml
index 0bbc0283fe6..bdad7013182 100644
--- a/.github/workflows/plan.lock.yml
+++ b/.github/workflows/plan.lock.yml
@@ -132,40 +132,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Closing a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -182,8 +151,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml
index 8af78487048..1a922361393 100644
--- a/.github/workflows/poem-bot.lock.yml
+++ b/.github/workflows/poem-bot.lock.yml
@@ -144,40 +144,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Updating Issues, Creating a Discussion, Creating an Agent Session, Creating a Pull Request, Closing a Pull Request, Creating a Pull Request Review Comment, Adding Labels to Issues or Pull Requests, Pushing Changes to Branch, Uploading Assets, Linking a Sub-Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -246,8 +215,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml
index 23ccd48c84d..db44e6af394 100644
--- a/.github/workflows/portfolio-analyst.lock.yml
+++ b/.github/workflows/portfolio-analyst.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -166,8 +135,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml
index a1cdc5b64af..71ebf0e4a0d 100644
--- a/.github/workflows/pr-nitpick-reviewer.lock.yml
+++ b/.github/workflows/pr-nitpick-reviewer.lock.yml
@@ -161,40 +161,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Creating a Pull Request Review Comment, Submitting a Pull Request Review, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -215,8 +184,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/pr-triage-agent.lock.yml b/.github/workflows/pr-triage-agent.lock.yml
index f23e37a2638..04f93664f64 100644
--- a/.github/workflows/pr-triage-agent.lock.yml
+++ b/.github/workflows/pr-triage-agent.lock.yml
@@ -105,40 +105,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Adding Labels to Issues or Pull Requests, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml
index 40f7f0963ea..f725d8f08d5 100644
--- a/.github/workflows/prompt-clustering-analysis.lock.yml
+++ b/.github/workflows/prompt-clustering-analysis.lock.yml
@@ -115,40 +115,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -161,8 +130,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml
index 6c934a54f3f..83f3cb564af 100644
--- a/.github/workflows/python-data-charts.lock.yml
+++ b/.github/workflows/python-data-charts.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -163,8 +132,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml
index 4f5bfa197de..e8f7333de96 100644
--- a/.github/workflows/q.lock.yml
+++ b/.github/workflows/q.lock.yml
@@ -166,40 +166,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -221,8 +190,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/refiner.lock.yml b/.github/workflows/refiner.lock.yml
index 1e5cf3603ec..b0a28053fee 100644
--- a/.github/workflows/refiner.lock.yml
+++ b/.github/workflows/refiner.lock.yml
@@ -130,40 +130,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -185,8 +154,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml
index b195ae24bbf..7259d9fe388 100644
--- a/.github/workflows/release.lock.yml
+++ b/.github/workflows/release.lock.yml
@@ -116,40 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Updating a Release, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Updating a Release**
To update a GitHub release description, use the update_release tool from safeoutputs.
@@ -162,8 +131,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/repo-audit-analyzer.lock.yml b/.github/workflows/repo-audit-analyzer.lock.yml
index 492a2160cb4..ef0c477fd46 100644
--- a/.github/workflows/repo-audit-analyzer.lock.yml
+++ b/.github/workflows/repo-audit-analyzer.lock.yml
@@ -114,40 +114,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt_multi.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -160,8 +129,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml
index aaa65eea5f4..f487e26e1bc 100644
--- a/.github/workflows/repo-tree-map.lock.yml
+++ b/.github/workflows/repo-tree-map.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml
index 459a8a5cb6b..a0a3cef9c6b 100644
--- a/.github/workflows/repository-quality-improver.lock.yml
+++ b/.github/workflows/repository-quality-improver.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt_multi.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml
index 5d8326c1743..6c11eeb3e4d 100644
--- a/.github/workflows/research.lock.yml
+++ b/.github/workflows/research.lock.yml
@@ -113,40 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml
index ad25a4c850f..c70dd4762e6 100644
--- a/.github/workflows/safe-output-health.lock.yml
+++ b/.github/workflows/safe-output-health.lock.yml
@@ -111,40 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -157,8 +126,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml
index d4e40dbe2f1..0f84f38827f 100644
--- a/.github/workflows/schema-consistency-checker.lock.yml
+++ b/.github/workflows/schema-consistency-checker.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml
index 7978b798381..51b66376f44 100644
--- a/.github/workflows/scout.lock.yml
+++ b/.github/workflows/scout.lock.yml
@@ -191,40 +191,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -237,8 +206,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml
index 5a4120fddb8..5fe55d55b65 100644
--- a/.github/workflows/security-compliance.lock.yml
+++ b/.github/workflows/security-compliance.lock.yml
@@ -130,40 +130,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -176,8 +145,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml
index b72c049cf9c..ba07d2c2a48 100644
--- a/.github/workflows/security-review.lock.yml
+++ b/.github/workflows/security-review.lock.yml
@@ -133,40 +133,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request Review Comment, Submitting a Pull Request Review, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request Review Comment**
To create a pull request review comment, use the create_pull_request_review_comment tool from safeoutputs.
@@ -183,8 +152,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml
index 82ac6974b95..bfc8e3e117b 100644
--- a/.github/workflows/semantic-function-refactor.lock.yml
+++ b/.github/workflows/semantic-function-refactor.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Closing an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/sergo.lock.yml b/.github/workflows/sergo.lock.yml
index 7c7db5e5c8f..87c0398a8b6 100644
--- a/.github/workflows/sergo.lock.yml
+++ b/.github/workflows/sergo.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml
index 37f38755ce5..403caf539d3 100644
--- a/.github/workflows/slide-deck-maintainer.lock.yml
+++ b/.github/workflows/slide-deck-maintainer.lock.yml
@@ -116,40 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -167,8 +136,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-agent.lock.yml b/.github/workflows/smoke-agent.lock.yml
index 34e9b6a7d74..39631175e60 100644
--- a/.github/workflows/smoke-agent.lock.yml
+++ b/.github/workflows/smoke-agent.lock.yml
@@ -138,40 +138,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Assigning to an Agent, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -188,8 +157,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
index 7fa032d7966..8e0c0d5d1c7 100644
--- a/.github/workflows/smoke-claude.lock.yml
+++ b/.github/workflows/smoke-claude.lock.yml
@@ -158,40 +158,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Closing a Pull Request, Updating a Pull Request, Creating a Pull Request Review Comment, Submitting a Pull Request Review, Resolving a Pull Request Review Thread, Adding Labels to Issues or Pull Requests, Adding a Reviewer to a Pull Request, Pushing Changes to Branch, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -243,8 +212,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
index d564eb37c9b..58de44dc1bc 100644
--- a/.github/workflows/smoke-codex.lock.yml
+++ b/.github/workflows/smoke-codex.lock.yml
@@ -150,40 +150,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Adding Labels to Issues or Pull Requests, Removing Labels from Issues or Pull Requests, Unassigning from a User, Hiding a Comment, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -216,8 +185,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml
index b86005293de..102dceaf64b 100644
--- a/.github/workflows/smoke-copilot-arm.lock.yml
+++ b/.github/workflows/smoke-copilot-arm.lock.yml
@@ -150,40 +150,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Creating a Discussion, Creating a Pull Request Review Comment, Submitting a Pull Request Review, Adding Labels to Issues or Pull Requests, Removing Labels from Issues or Pull Requests, Dispatching a Workflow, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -224,8 +193,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml
index 09b53eb0497..cdb7ebd5f97 100644
--- a/.github/workflows/smoke-copilot.lock.yml
+++ b/.github/workflows/smoke-copilot.lock.yml
@@ -152,40 +152,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Creating a Discussion, Creating a Pull Request Review Comment, Submitting a Pull Request Review, Adding Labels to Issues or Pull Requests, Removing Labels from Issues or Pull Requests, Dispatching a Workflow, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -226,8 +195,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml
index f7c0b15316b..3ae8224e8de 100644
--- a/.github/workflows/smoke-gemini.lock.yml
+++ b/.github/workflows/smoke-gemini.lock.yml
@@ -149,40 +149,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Adding Labels to Issues or Pull Requests, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -203,8 +172,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-multi-pr.lock.yml b/.github/workflows/smoke-multi-pr.lock.yml
index 4263854a277..6f7404b6ddf 100644
--- a/.github/workflows/smoke-multi-pr.lock.yml
+++ b/.github/workflows/smoke-multi-pr.lock.yml
@@ -143,40 +143,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -198,8 +167,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-project.lock.yml b/.github/workflows/smoke-project.lock.yml
index 0dd84510677..fddb57cccec 100644
--- a/.github/workflows/smoke-project.lock.yml
+++ b/.github/workflows/smoke-project.lock.yml
@@ -141,40 +141,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Creating a Pull Request, Adding Labels to Issues or Pull Requests, Removing Labels from Issues or Pull Requests, Updating a Project, Creating a Project Status Update, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -216,8 +185,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-temporary-id.lock.yml b/.github/workflows/smoke-temporary-id.lock.yml
index 373a57ce1bd..982af6c6bdf 100644
--- a/.github/workflows/smoke-temporary-id.lock.yml
+++ b/.github/workflows/smoke-temporary-id.lock.yml
@@ -141,40 +141,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Linking a Sub-Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -195,8 +164,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/smoke-test-tools.lock.yml b/.github/workflows/smoke-test-tools.lock.yml
index c11e412d776..2f8eb2ae8e4 100644
--- a/.github/workflows/smoke-test-tools.lock.yml
+++ b/.github/workflows/smoke-test-tools.lock.yml
@@ -140,40 +140,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -186,8 +155,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml
index ec47008f536..4d75b723b36 100644
--- a/.github/workflows/stale-repo-identifier.lock.yml
+++ b/.github/workflows/stale-repo-identifier.lock.yml
@@ -121,40 +121,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -175,8 +144,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml
index f439ba818a3..1f965790819 100644
--- a/.github/workflows/static-analysis-report.lock.yml
+++ b/.github/workflows/static-analysis-report.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/step-name-alignment.lock.yml b/.github/workflows/step-name-alignment.lock.yml
index c489e900e2d..a12c26f375b 100644
--- a/.github/workflows/step-name-alignment.lock.yml
+++ b/.github/workflows/step-name-alignment.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -152,8 +121,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml
index c04a33c5ce1..721b3fccdbc 100644
--- a/.github/workflows/sub-issue-closer.lock.yml
+++ b/.github/workflows/sub-issue-closer.lock.yml
@@ -105,40 +105,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Updating Issues, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml
index 6017f0ea1e5..0f808d63c91 100644
--- a/.github/workflows/super-linter.lock.yml
+++ b/.github/workflows/super-linter.lock.yml
@@ -110,40 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml
index be3871aa223..b2ba56651f9 100644
--- a/.github/workflows/technical-doc-writer.lock.yml
+++ b/.github/workflows/technical-doc-writer.lock.yml
@@ -114,40 +114,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating a Pull Request, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -177,8 +146,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/terminal-stylist.lock.yml b/.github/workflows/terminal-stylist.lock.yml
index 89c2393a1c5..80f3f9cf608 100644
--- a/.github/workflows/terminal-stylist.lock.yml
+++ b/.github/workflows/terminal-stylist.lock.yml
@@ -105,40 +105,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -151,8 +120,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/test-create-pr-error-handling.lock.yml b/.github/workflows/test-create-pr-error-handling.lock.yml
index e325dfb22e7..2d74cb7da04 100644
--- a/.github/workflows/test-create-pr-error-handling.lock.yml
+++ b/.github/workflows/test-create-pr-error-handling.lock.yml
@@ -103,40 +103,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -154,8 +123,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/test-dispatcher.lock.yml b/.github/workflows/test-dispatcher.lock.yml
index f3fd586e02f..0b1a9ae8167 100644
--- a/.github/workflows/test-dispatcher.lock.yml
+++ b/.github/workflows/test-dispatcher.lock.yml
@@ -101,40 +101,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Dispatching a Workflow, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Dispatching a Workflow**
To dispatch a workflow_dispatch event to another workflow, use the dispatch_workflow tool from safeoutputs.
@@ -147,8 +116,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/test-project-url-default.lock.yml b/.github/workflows/test-project-url-default.lock.yml
index b36ee30fa93..1c443ea296e 100644
--- a/.github/workflows/test-project-url-default.lock.yml
+++ b/.github/workflows/test-project-url-default.lock.yml
@@ -101,40 +101,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Updating a Project, Creating a Project Status Update, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Updating a Project**
To create, add items to, or update a project board, use the update_project tool from safeoutputs.
@@ -151,8 +120,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml
index 01625a76dd8..7508a4417ec 100644
--- a/.github/workflows/tidy.lock.yml
+++ b/.github/workflows/tidy.lock.yml
@@ -139,40 +139,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Pushing Changes to Branch, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -197,8 +166,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/typist.lock.yml b/.github/workflows/typist.lock.yml
index 022437a9dae..623ab2d2114 100644
--- a/.github/workflows/typist.lock.yml
+++ b/.github/workflows/typist.lock.yml
@@ -108,40 +108,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -154,8 +123,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/ubuntu-image-analyzer.lock.yml b/.github/workflows/ubuntu-image-analyzer.lock.yml
index 04c363ed7a0..36365981d36 100644
--- a/.github/workflows/ubuntu-image-analyzer.lock.yml
+++ b/.github/workflows/ubuntu-image-analyzer.lock.yml
@@ -108,40 +108,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml
index e9d1888d045..01c43c630aa 100644
--- a/.github/workflows/unbloat-docs.lock.yml
+++ b/.github/workflows/unbloat-docs.lock.yml
@@ -136,40 +136,9 @@ jobs:
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating a Pull Request, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -199,8 +168,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml
index f47263596eb..8824018128b 100644
--- a/.github/workflows/video-analyzer.lock.yml
+++ b/.github/workflows/video-analyzer.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -158,8 +127,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/weekly-editors-health-check.lock.yml b/.github/workflows/weekly-editors-health-check.lock.yml
index 048d7bd36f2..eac8c68939d 100644
--- a/.github/workflows/weekly-editors-health-check.lock.yml
+++ b/.github/workflows/weekly-editors-health-check.lock.yml
@@ -106,40 +106,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/playwright_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -165,8 +134,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml
index 9fd1b4ea565..194022468b2 100644
--- a/.github/workflows/weekly-issue-summary.lock.yml
+++ b/.github/workflows/weekly-issue-summary.lock.yml
@@ -103,40 +103,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/cache_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Discussion, Uploading Assets, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
@@ -157,8 +126,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml
index ffe2222c07e..d28f9602260 100644
--- a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml
+++ b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml
@@ -105,40 +105,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating a Pull Request, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating a Pull Request**
To create a pull request:
@@ -156,8 +125,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/workflow-generator.lock.yml b/.github/workflows/workflow-generator.lock.yml
index fb4d46c7ddc..a1c6ec0bde9 100644
--- a/.github/workflows/workflow-generator.lock.yml
+++ b/.github/workflows/workflow-generator.lock.yml
@@ -133,40 +133,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Updating Issues, Assigning to an Agent, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Updating an Issue**
To update an issue, use the update_issue tool from safeoutputs.
@@ -183,8 +152,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/workflow-health-manager.lock.yml b/.github/workflows/workflow-health-manager.lock.yml
index fc75299c739..9557341a752 100644
--- a/.github/workflows/workflow-health-manager.lock.yml
+++ b/.github/workflows/workflow-health-manager.lock.yml
@@ -112,40 +112,9 @@ jobs:
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
cat "/opt/gh-aw/prompts/repo_memory_prompt.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Adding a Comment to an Issue or Pull Request, Creating an Issue, Updating Issues, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Adding a Comment to an Issue or Pull Request**
To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
@@ -166,8 +135,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml
index d0a3691e8bf..32783ce4af3 100644
--- a/.github/workflows/workflow-normalizer.lock.yml
+++ b/.github/workflows/workflow-normalizer.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -155,8 +124,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/.github/workflows/workflow-skill-extractor.lock.yml b/.github/workflows/workflow-skill-extractor.lock.yml
index 87f34cb822b..0d5f844120e 100644
--- a/.github/workflows/workflow-skill-extractor.lock.yml
+++ b/.github/workflows/workflow-skill-extractor.lock.yml
@@ -109,40 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/xpia.md"
cat "/opt/gh-aw/prompts/temp_folder_prompt.md"
cat "/opt/gh-aw/prompts/markdown.md"
+ cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
-
- GitHub API Access Instructions
-
- The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
- To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
- Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
- **IMPORTANT - temporary_id format rules:**
- - If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
- - If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
- - Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
- - Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- - INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
- - VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
- - To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
- Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
- Discover available tools from the safeoutputs MCP server.
-
- **Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
- **Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-
- ---
-
- ## Creating an Issue, Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
-
- **IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
-
+
**Creating an Issue**
To create an issue, use the create_issue tool from safeoutputs.
@@ -159,8 +128,7 @@ jobs:
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
-
-
+
The following GitHub context information is available for this workflow:
{{#if __GH_AW_GITHUB_ACTOR__ }}
diff --git a/actions/setup/md/safe_outputs_prompt.md b/actions/setup/md/safe_outputs_prompt.md
new file mode 100644
index 00000000000..a389cd45b97
--- /dev/null
+++ b/actions/setup/md/safe_outputs_prompt.md
@@ -0,0 +1,26 @@
+
+GitHub API Access Instructions
+
+The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
+
+
+To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool from the safeoutputs MCP server. Simply writing content will NOT work - the workflow requires actual tool calls.
+
+Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
+
+**IMPORTANT - temporary_id format rules:**
+- If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
+- If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
+- Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
+- Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
+- INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
+- VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
+- To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
+
+Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
+
+**Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
+
+**Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
+
+
diff --git a/pkg/workflow/prompts_test.go b/pkg/workflow/prompts_test.go
index 1972c518c05..4d7647096a3 100644
--- a/pkg/workflow/prompts_test.go
+++ b/pkg/workflow/prompts_test.go
@@ -36,16 +36,11 @@ func TestGenerateSafeOutputsPromptStep_IncludesWhenEnabled(t *testing.T) {
if !strings.Contains(output, "Create prompt with built-in context") {
t.Error("Expected unified prompt step to be generated when safe outputs enabled")
}
- if !strings.Contains(output, "safe output tool") {
- t.Error("Expected prompt to mention safe output tools")
+ // Static intro is now in safe_outputs_prompt.md (referenced by file, not inline)
+ if !strings.Contains(output, "safe_outputs_prompt.md") {
+ t.Error("Expected reference to safe_outputs_prompt.md for static safe outputs intro")
}
- if !strings.Contains(output, "gh CLI is NOT authenticated") {
- t.Error("Expected prompt to warn about gh CLI not being authenticated")
- }
- if !strings.Contains(output, "safeoutputs MCP server") {
- t.Error("Expected prompt to mention safeoutputs MCP server")
- }
- // Verify per-tool instructions are included for create_issue
+ // Per-tool instructions are still inline
if !strings.Contains(output, "create_issue") {
t.Error("Expected prompt to include create_issue tool name")
}
@@ -68,7 +63,7 @@ func TestGenerateSafeOutputsPromptStep_SkippedWhenDisabled(t *testing.T) {
output := yaml.String()
// Should still have unified step (for temp folder), but not safe outputs
- if strings.Contains(output, "") {
+ if strings.Contains(output, "safe_outputs_prompt.md") {
t.Error("Expected safe outputs section to NOT be in unified prompt when disabled")
}
}
@@ -101,9 +96,14 @@ func TestSafeOutputsPrompt_IncludesPerToolInstructions(t *testing.T) {
compiler.generateUnifiedPromptStep(&yaml, data)
output := yaml.String()
- // Verify safe outputs section exists
- if !strings.Contains(output, "") {
- t.Fatal("Expected safe outputs section in generated prompt")
+ // Static intro is now in safe_outputs_prompt.md (file reference, not inline)
+ if !strings.Contains(output, "safe_outputs_prompt.md") {
+ t.Fatal("Expected safe_outputs_prompt.md file reference in generated prompt")
+ }
+
+ // Per-tool instructions are wrapped in
+ if !strings.Contains(output, "") {
+ t.Fatal("Expected section in generated prompt")
}
// Verify per-tool instructions are present for each enabled tool
@@ -128,11 +128,6 @@ func TestSafeOutputsPrompt_IncludesPerToolInstructions(t *testing.T) {
}
})
}
-
- // Verify the MCP server discovery instruction is also present
- if !strings.Contains(output, "Discover available tools from the safeoutputs MCP server") {
- t.Error("Expected prompt to instruct agent to query MCP server for tools")
- }
}
// ============================================================================
diff --git a/pkg/workflow/safe_outputs_default_create_issue_test.go b/pkg/workflow/safe_outputs_default_create_issue_test.go
index 8464afecac2..c77a1b2e6ff 100644
--- a/pkg/workflow/safe_outputs_default_create_issue_test.go
+++ b/pkg/workflow/safe_outputs_default_create_issue_test.go
@@ -297,7 +297,7 @@ func TestAutoInjectedCreateIssuePrompt(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
var b strings.Builder
- generateSafeOutputsPromptSection(&b, tt.safeOutputs)
+ generateSafeOutputsPerToolInstructions(&b, tt.safeOutputs)
output := b.String()
specificInstruction := "**IMPORTANT**: Report your findings or results by creating a GitHub issue"
diff --git a/pkg/workflow/sh.go b/pkg/workflow/sh.go
index cc656bbc47b..82f22a4058c 100644
--- a/pkg/workflow/sh.go
+++ b/pkg/workflow/sh.go
@@ -22,6 +22,7 @@ const (
cacheMemoryPromptMultiFile = "cache_memory_prompt_multi.md"
repoMemoryPromptFile = "repo_memory_prompt.md"
repoMemoryPromptMultiFile = "repo_memory_prompt_multi.md"
+ safeOutputsPromptFile = "safe_outputs_prompt.md"
)
// GitHub context prompt is kept embedded because it contains GitHub Actions expressions
diff --git a/pkg/workflow/unified_prompt_creation_test.go b/pkg/workflow/unified_prompt_creation_test.go
index 5f3369f91a6..cfbecc282bf 100644
--- a/pkg/workflow/unified_prompt_creation_test.go
+++ b/pkg/workflow/unified_prompt_creation_test.go
@@ -44,7 +44,7 @@ func TestGenerateUnifiedPromptCreationStep_OrderingBuiltinFirst(t *testing.T) {
// Find positions of different prompt sections in the output
tempFolderPos := strings.Index(output, "temp_folder_prompt.md")
playwrightPos := strings.Index(output, "playwright_prompt.md")
- safeOutputsPos := strings.Index(output, "")
+ safeOutputsPos := strings.Index(output, "safe_outputs_prompt.md")
userPromptPos := strings.Index(output, "# User Prompt")
// Verify all sections are present
@@ -398,7 +398,7 @@ func TestGenerateUnifiedPromptCreationStep_SystemTags(t *testing.T) {
// Find positions of built-in content
tempFolderPos := strings.Index(output, "temp_folder_prompt.md")
playwrightPos := strings.Index(output, "playwright_prompt.md")
- safeOutputsPos := strings.Index(output, "")
+ safeOutputsPos := strings.Index(output, "safe_outputs_prompt.md")
// Find position of user content
userTaskPos := strings.Index(output, "# User Task")
@@ -638,7 +638,7 @@ func TestGenerateUnifiedPromptCreationStep_AllToolsCombined(t *testing.T) {
assert.Contains(t, output, "playwright_prompt.md", "Should have playwright")
assert.Contains(t, output, "cache_memory_prompt.md", "Should have cache memory template")
assert.Contains(t, output, "repo_memory_prompt.md", "Should have repo memory template file")
- assert.Contains(t, output, "", "Should have safe outputs")
+ assert.Contains(t, output, "safe_outputs_prompt.md", "Should have safe outputs file reference")
assert.Contains(t, output, "", "Should have GitHub context")
assert.Contains(t, output, "pr_context_prompt.md", "Should have PR context")
@@ -899,16 +899,16 @@ Manage issues based on comments.`
lockStr := string(lockContent)
- // Verify safe-outputs section is within system tags
+ // Verify safe-outputs file reference is within system tags
systemOpenPos := strings.Index(lockStr, "")
systemClosePos := strings.Index(lockStr, "")
- safeOutputsPos := strings.Index(lockStr, "")
+ safeOutputsPos := strings.Index(lockStr, "safe_outputs_prompt.md")
- require.NotEqual(t, -1, safeOutputsPos, "Should have safe-outputs section")
+ require.NotEqual(t, -1, safeOutputsPos, "Should reference safe_outputs_prompt.md")
assert.Less(t, systemOpenPos, safeOutputsPos, "Safe outputs should be after system tag opens")
assert.Less(t, safeOutputsPos, systemClosePos, "Safe outputs should be before system tag closes")
- // Should mention the specific tools
+ // Should mention the specific tools (per-tool instructions are still inline)
assert.Contains(t, lockStr, "create_issue", "Should reference create_issue tool")
assert.Contains(t, lockStr, "update_issue", "Should reference update_issue tool")
}
diff --git a/pkg/workflow/unified_prompt_step.go b/pkg/workflow/unified_prompt_step.go
index a578e9b1ed3..d6e08d70958 100644
--- a/pkg/workflow/unified_prompt_step.go
+++ b/pkg/workflow/unified_prompt_step.go
@@ -286,38 +286,18 @@ func (c *Compiler) collectPromptSections(data *WorkflowData) []PromptSection {
// 7. Safe outputs instructions (if enabled)
if HasSafeOutputsEnabled(data.SafeOutputs) {
unifiedPromptLog.Print("Adding safe outputs section")
- var safeOutputsBuilder strings.Builder
- safeOutputsBuilder.WriteString(`
-GitHub API Access Instructions
-
-The gh CLI is NOT authenticated. Do NOT use gh commands for GitHub operations.
-
-
-To create or modify GitHub resources (issues, discussions, pull requests, etc.), you MUST call the appropriate safe output tool. Simply writing content will NOT work - the workflow requires actual tool calls.
-
-Temporary IDs: Some safe output tools support a temporary ID field (usually named temporary_id) so you can reference newly-created items elsewhere in the SAME agent output (for example, using #aw_abc1 in a later body).
-
-**IMPORTANT - temporary_id format rules:**
-- If you DON'T need to reference the item later, OMIT the temporary_id field entirely (it will be auto-generated if needed)
-- If you DO need cross-references/chaining, you MUST match this EXACT validation regex: /^aw_[A-Za-z0-9]{3,8}$/i
-- Format: aw_ prefix followed by 3 to 8 alphanumeric characters (A-Z, a-z, 0-9, case-insensitive)
-- Valid alphanumeric characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
-- INVALID examples: aw_ab (too short), aw_123456789 (too long), aw_test-id (contains hyphen), aw_id_123 (contains underscore)
-- VALID examples: aw_abc, aw_abc1, aw_Test123, aw_A1B2C3D4, aw_12345678
-- To generate valid IDs: use 3-8 random alphanumeric characters or omit the field to let the system auto-generate
-
-Do NOT invent other aw_* formats — downstream steps will reject them with validation errors matching against /^aw_[A-Za-z0-9]{3,8}$/i.
-
-Discover available tools from the safeoutputs MCP server.
-
-**Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
-
-**Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
-`)
- generateSafeOutputsPromptSection(&safeOutputsBuilder, data.SafeOutputs)
- safeOutputsBuilder.WriteString("\n")
+ // Static intro from file (gh CLI warning, temporary ID rules, noop note)
sections = append(sections, PromptSection{
- Content: safeOutputsBuilder.String(),
+ Content: safeOutputsPromptFile,
+ IsFile: true,
+ })
+ // Per-tool instructions (dynamic, depends on which tools are enabled)
+ var perToolBuilder strings.Builder
+ perToolBuilder.WriteString("\n")
+ generateSafeOutputsPerToolInstructions(&perToolBuilder, data.SafeOutputs)
+ perToolBuilder.WriteString("")
+ sections = append(sections, PromptSection{
+ Content: perToolBuilder.String(),
IsFile: false,
})
}
@@ -607,143 +587,18 @@ func (c *Compiler) generateUnifiedPromptCreationStep(yaml *strings.Builder, buil
var safeOutputsPromptLog = logger.New("workflow:safe_outputs_prompt")
-// generateSafeOutputsPromptSection appends per-tool usage instructions for each
-// configured safe-output capability. It is called from collectPromptSections to
-// inject detailed guidance inside the XML block.
-func generateSafeOutputsPromptSection(b *strings.Builder, safeOutputs *SafeOutputsConfig) {
+// generateSafeOutputsPerToolInstructions appends per-tool usage instructions for each
+// configured safe-output capability. It is called from collectPromptSections to inject
+// tool-specific guidance inside the XML block.
+//
+// The static intro (gh CLI warning, temporary ID rules, noop note) lives in
+// actions/setup/md/safe_outputs_prompt.md and is included separately via a file reference.
+func generateSafeOutputsPerToolInstructions(b *strings.Builder, safeOutputs *SafeOutputsConfig) {
if safeOutputs == nil {
return
}
- safeOutputsPromptLog.Print("Generating safe outputs prompt section")
-
- // Build heading that lists every enabled capability
- b.WriteString("\n---\n\n## ")
- written := false
- write := func(label string) {
- if written {
- b.WriteString(", ")
- }
- b.WriteString(label)
- written = true
- }
-
- if safeOutputs.AddComments != nil {
- write("Adding a Comment to an Issue or Pull Request")
- }
- if safeOutputs.CreateIssues != nil {
- write("Creating an Issue")
- }
- if safeOutputs.CloseIssues != nil {
- write("Closing an Issue")
- }
- if safeOutputs.UpdateIssues != nil {
- write("Updating Issues")
- }
- if safeOutputs.CreateDiscussions != nil {
- write("Creating a Discussion")
- }
- if safeOutputs.UpdateDiscussions != nil {
- write("Updating a Discussion")
- }
- if safeOutputs.CloseDiscussions != nil {
- write("Closing a Discussion")
- }
- if safeOutputs.CreateAgentSessions != nil {
- write("Creating an Agent Session")
- }
- if safeOutputs.CreatePullRequests != nil {
- write("Creating a Pull Request")
- }
- if safeOutputs.ClosePullRequests != nil {
- write("Closing a Pull Request")
- }
- if safeOutputs.UpdatePullRequests != nil {
- write("Updating a Pull Request")
- }
- if safeOutputs.MarkPullRequestAsReadyForReview != nil {
- write("Marking a Pull Request as Ready for Review")
- }
- if safeOutputs.CreatePullRequestReviewComments != nil {
- write("Creating a Pull Request Review Comment")
- }
- if safeOutputs.SubmitPullRequestReview != nil {
- write("Submitting a Pull Request Review")
- }
- if safeOutputs.ReplyToPullRequestReviewComment != nil {
- write("Replying to a Pull Request Review Comment")
- }
- if safeOutputs.ResolvePullRequestReviewThread != nil {
- write("Resolving a Pull Request Review Thread")
- }
- if safeOutputs.AddLabels != nil {
- write("Adding Labels to Issues or Pull Requests")
- }
- if safeOutputs.RemoveLabels != nil {
- write("Removing Labels from Issues or Pull Requests")
- }
- if safeOutputs.AddReviewer != nil {
- write("Adding a Reviewer to a Pull Request")
- }
- if safeOutputs.AssignMilestone != nil {
- write("Assigning a Milestone")
- }
- if safeOutputs.AssignToAgent != nil {
- write("Assigning to an Agent")
- }
- if safeOutputs.AssignToUser != nil {
- write("Assigning to a User")
- }
- if safeOutputs.UnassignFromUser != nil {
- write("Unassigning from a User")
- }
- if safeOutputs.PushToPullRequestBranch != nil {
- write("Pushing Changes to Branch")
- }
- if safeOutputs.CreateCodeScanningAlerts != nil {
- write("Creating a Code Scanning Alert")
- }
- if safeOutputs.AutofixCodeScanningAlert != nil {
- write("Autofixing a Code Scanning Alert")
- }
- if safeOutputs.UploadAssets != nil {
- write("Uploading Assets")
- }
- if safeOutputs.UpdateRelease != nil {
- write("Updating a Release")
- }
- if safeOutputs.UpdateProjects != nil {
- write("Updating a Project")
- }
- if safeOutputs.CreateProjects != nil {
- write("Creating a Project")
- }
- if safeOutputs.CreateProjectStatusUpdates != nil {
- write("Creating a Project Status Update")
- }
- if safeOutputs.LinkSubIssue != nil {
- write("Linking a Sub-Issue")
- }
- if safeOutputs.HideComment != nil {
- write("Hiding a Comment")
- }
- if safeOutputs.DispatchWorkflow != nil {
- write("Dispatching a Workflow")
- }
- if safeOutputs.MissingTool != nil {
- write("Reporting Missing Tools or Functionality")
- }
- if safeOutputs.MissingData != nil {
- write("Reporting Missing Data")
- }
-
- if !written {
- // No specific capabilities listed – nothing more to add.
- return
- }
-
- b.WriteString("\n\n")
- fmt.Fprintf(b, "**IMPORTANT**: To perform the actions listed above, use the **%s** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.\n\n", constants.SafeOutputsMCPServerID)
+ safeOutputsPromptLog.Print("Generating safe outputs per-tool instructions")
if safeOutputs.AddComments != nil {
b.WriteString("**Adding a Comment to an Issue or Pull Request**\n\n")
diff --git a/pkg/workflow/unified_prompt_step_test.go b/pkg/workflow/unified_prompt_step_test.go
index 24fe02dcf91..1fbe992ef61 100644
--- a/pkg/workflow/unified_prompt_step_test.go
+++ b/pkg/workflow/unified_prompt_step_test.go
@@ -52,7 +52,8 @@ func TestGenerateUnifiedPromptStep_AllSections(t *testing.T) {
assert.Contains(t, output, "playwright_prompt.md", "Should include playwright instructions")
assert.Contains(t, output, "cache_memory_prompt.md", "Should include cache memory template file")
assert.Contains(t, output, "repo_memory_prompt.md", "Should include repo memory template file")
- assert.Contains(t, output, "", "Should include safe outputs instructions")
+ assert.Contains(t, output, "safe_outputs_prompt.md", "Should include safe outputs file reference")
+ assert.Contains(t, output, "", "Should include per-tool instructions")
assert.Contains(t, output, "", "Should include GitHub context")
// Verify cache env vars are NOT in the prompt creation step
From 22222e8303a5c022013b7b2da0464c2cd513651a Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 22 Feb 2026 19:21:05 +0000
Subject: [PATCH 3/7] Optimize safe outputs prompt for token usage: compact
list format and compressed static intro
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
.../agent-performance-analyzer.lock.yml | 20 +-
.../workflows/agent-persona-explorer.lock.yml | 12 +-
.github/workflows/ai-moderator.lock.yml | 16 +-
.github/workflows/archie.lock.yml | 12 +-
.github/workflows/artifacts-summary.lock.yml | 12 +-
.github/workflows/audit-workflows.lock.yml | 20 +-
.github/workflows/auto-triage-issues.lock.yml | 16 +-
.github/workflows/blog-auditor.lock.yml | 12 +-
.github/workflows/bot-detection.lock.yml | 16 +-
.github/workflows/brave.lock.yml | 12 +-
.../breaking-change-checker.lock.yml | 12 +-
.github/workflows/changeset.lock.yml | 19 +-
.github/workflows/ci-coach.lock.yml | 17 +-
.github/workflows/ci-doctor.lock.yml | 20 +-
.../claude-code-user-docs-review.lock.yml | 12 +-
.../cli-consistency-checker.lock.yml | 12 +-
.../workflows/cli-version-checker.lock.yml | 12 +-
.github/workflows/cloclo.lock.yml | 21 +-
.../workflows/code-scanning-fixer.lock.yml | 21 +-
.github/workflows/code-simplifier.lock.yml | 17 +-
.../commit-changes-analyzer.lock.yml | 12 +-
.github/workflows/contribution-check.lock.yml | 20 +-
.../workflows/copilot-agent-analysis.lock.yml | 12 +-
.../copilot-cli-deep-research.lock.yml | 12 +-
.../copilot-pr-merged-report.lock.yml | 12 +-
.../copilot-pr-nlp-analysis.lock.yml | 20 +-
.../copilot-pr-prompt-analysis.lock.yml | 12 +-
.../copilot-session-insights.lock.yml | 20 +-
.github/workflows/craft.lock.yml | 19 +-
.../daily-assign-issue-to-user.lock.yml | 16 +-
.github/workflows/daily-choice-test.lock.yml | 8 +-
.../workflows/daily-cli-performance.lock.yml | 16 +-
.../workflows/daily-cli-tools-tester.lock.yml | 12 +-
.github/workflows/daily-code-metrics.lock.yml | 20 +-
.../workflows/daily-compiler-quality.lock.yml | 12 +-
.../daily-copilot-token-report.lock.yml | 20 +-
.github/workflows/daily-doc-updater.lock.yml | 17 +-
.github/workflows/daily-fact.lock.yml | 12 +-
.github/workflows/daily-file-diet.lock.yml | 12 +-
.../workflows/daily-firewall-report.lock.yml | 20 +-
.../workflows/daily-issues-report.lock.yml | 24 +--
.../daily-malicious-code-scan.lock.yml | 12 +-
.../daily-mcp-concurrency-analysis.lock.yml | 16 +-
.../daily-multi-device-docs-tester.lock.yml | 20 +-
.github/workflows/daily-news.lock.yml | 20 +-
.../daily-observability-report.lock.yml | 16 +-
.../daily-performance-summary.lock.yml | 24 +--
.github/workflows/daily-regulatory.lock.yml | 16 +-
.../daily-rendering-scripts-verifier.lock.yml | 17 +-
.../workflows/daily-repo-chronicle.lock.yml | 20 +-
.../daily-safe-output-optimizer.lock.yml | 12 +-
.../daily-safe-outputs-conformance.lock.yml | 12 +-
.../workflows/daily-secrets-analysis.lock.yml | 16 +-
.../daily-security-red-team.lock.yml | 12 +-
.github/workflows/daily-semgrep-scan.lock.yml | 12 +-
.../daily-syntax-error-quality.lock.yml | 12 +-
.../daily-team-evolution-insights.lock.yml | 12 +-
.github/workflows/daily-team-status.lock.yml | 12 +-
.../daily-testify-uber-super-expert.lock.yml | 12 +-
.../workflows/daily-workflow-updater.lock.yml | 17 +-
.github/workflows/deep-report.lock.yml | 24 +--
.github/workflows/delight.lock.yml | 16 +-
.github/workflows/dependabot-burner.lock.yml | 12 +-
.../workflows/dependabot-go-checker.lock.yml | 16 +-
.github/workflows/dev-hawk.lock.yml | 12 +-
.github/workflows/dev.lock.yml | 12 +-
.../developer-docs-consolidator.lock.yml | 21 +-
.github/workflows/dictation-prompt.lock.yml | 17 +-
.../workflows/discussion-task-miner.lock.yml | 16 +-
.github/workflows/docs-noob-tester.lock.yml | 20 +-
.github/workflows/draft-pr-cleanup.lock.yml | 20 +-
.../duplicate-code-detector.lock.yml | 12 +-
.../example-workflow-analyzer.lock.yml | 12 +-
.github/workflows/firewall-escape.lock.yml | 12 +-
.../workflows/functional-pragmatist.lock.yml | 17 +-
.../github-mcp-structural-analysis.lock.yml | 20 +-
.../github-mcp-tools-report.lock.yml | 21 +-
.../github-remote-mcp-auth-test.lock.yml | 12 +-
.../workflows/glossary-maintainer.lock.yml | 17 +-
.github/workflows/go-fan.lock.yml | 12 +-
.github/workflows/go-logger.lock.yml | 17 +-
.../workflows/go-pattern-detector.lock.yml | 12 +-
.github/workflows/gpclean.lock.yml | 12 +-
.github/workflows/grumpy-reviewer.lock.yml | 16 +-
.github/workflows/hourly-ci-cleaner.lock.yml | 17 +-
.../workflows/instructions-janitor.lock.yml | 17 +-
.github/workflows/issue-arborist.lock.yml | 20 +-
.github/workflows/issue-monster.lock.yml | 16 +-
.github/workflows/issue-triage-agent.lock.yml | 16 +-
.github/workflows/jsweep.lock.yml | 17 +-
.../workflows/layout-spec-maintainer.lock.yml | 17 +-
.github/workflows/lockfile-stats.lock.yml | 12 +-
.github/workflows/mcp-inspector.lock.yml | 12 +-
.github/workflows/mergefest.lock.yml | 15 +-
.../workflows/notion-issue-summary.lock.yml | 8 +-
.github/workflows/org-health-report.lock.yml | 20 +-
.github/workflows/pdf-summary.lock.yml | 16 +-
.github/workflows/plan.lock.yml | 16 +-
.github/workflows/poem-bot.lock.yml | 68 +------
.github/workflows/portfolio-analyst.lock.yml | 20 +-
.../workflows/pr-nitpick-reviewer.lock.yml | 20 +-
.github/workflows/pr-triage-agent.lock.yml | 20 +-
.../prompt-clustering-analysis.lock.yml | 12 +-
.github/workflows/python-data-charts.lock.yml | 20 +-
.github/workflows/q.lock.yml | 21 +-
.github/workflows/refiner.lock.yml | 21 +-
.github/workflows/release.lock.yml | 12 +-
.../workflows/repo-audit-analyzer.lock.yml | 12 +-
.github/workflows/repo-tree-map.lock.yml | 12 +-
.../repository-quality-improver.lock.yml | 12 +-
.github/workflows/research.lock.yml | 12 +-
.github/workflows/safe-output-health.lock.yml | 12 +-
.../schema-consistency-checker.lock.yml | 12 +-
.github/workflows/scout.lock.yml | 12 +-
.../workflows/security-compliance.lock.yml | 12 +-
.github/workflows/security-review.lock.yml | 16 +-
.../semantic-function-refactor.lock.yml | 16 +-
.github/workflows/sergo.lock.yml | 12 +-
.../workflows/slide-deck-maintainer.lock.yml | 17 +-
.github/workflows/smoke-agent.lock.yml | 16 +-
.github/workflows/smoke-claude.lock.yml | 51 +----
.github/workflows/smoke-codex.lock.yml | 32 +--
.github/workflows/smoke-copilot-arm.lock.yml | 40 +---
.github/workflows/smoke-copilot.lock.yml | 40 +---
.github/workflows/smoke-gemini.lock.yml | 20 +-
.github/workflows/smoke-multi-pr.lock.yml | 21 +-
.github/workflows/smoke-project.lock.yml | 41 +---
.github/workflows/smoke-temporary-id.lock.yml | 20 +-
.github/workflows/smoke-test-tools.lock.yml | 12 +-
.../workflows/stale-repo-identifier.lock.yml | 20 +-
.../workflows/static-analysis-report.lock.yml | 12 +-
.../workflows/step-name-alignment.lock.yml | 12 +-
.github/workflows/sub-issue-closer.lock.yml | 16 +-
.github/workflows/super-linter.lock.yml | 12 +-
.../workflows/technical-doc-writer.lock.yml | 29 +--
.github/workflows/terminal-stylist.lock.yml | 12 +-
.../test-create-pr-error-handling.lock.yml | 17 +-
.github/workflows/test-dispatcher.lock.yml | 12 +-
.../test-project-url-default.lock.yml | 16 +-
.github/workflows/tidy.lock.yml | 24 +--
.github/workflows/typist.lock.yml | 12 +-
.../workflows/ubuntu-image-analyzer.lock.yml | 17 +-
.github/workflows/unbloat-docs.lock.yml | 29 +--
.github/workflows/video-analyzer.lock.yml | 12 +-
.../weekly-editors-health-check.lock.yml | 25 +--
.../workflows/weekly-issue-summary.lock.yml | 20 +-
.../weekly-safe-outputs-spec-review.lock.yml | 17 +-
.github/workflows/workflow-generator.lock.yml | 16 +-
.../workflow-health-manager.lock.yml | 20 +-
.../workflows/workflow-normalizer.lock.yml | 12 +-
.../workflow-skill-extractor.lock.yml | 16 +-
actions/setup/md/safe_outputs_prompt.md | 24 +--
pkg/workflow/prompts_test.go | 27 +--
pkg/workflow/unified_prompt_step.go | 184 ++++++------------
154 files changed, 279 insertions(+), 2524 deletions(-)
diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml
index 41ee064b4d1..a7b59f77b21 100644
--- a/.github/workflows/agent-performance-analyzer.lock.yml
+++ b/.github/workflows/agent-performance-analyzer.lock.yml
@@ -115,25 +115,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, create_issue, create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml
index b5a4ef27c8b..bfbc22216c8 100644
--- a/.github/workflows/agent-persona-explorer.lock.yml
+++ b/.github/workflows/agent-persona-explorer.lock.yml
@@ -115,17 +115,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/ai-moderator.lock.yml b/.github/workflows/ai-moderator.lock.yml
index 6632ef00531..25602c353c7 100644
--- a/.github/workflows/ai-moderator.lock.yml
+++ b/.github/workflows/ai-moderator.lock.yml
@@ -152,21 +152,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding Labels to Issues or Pull Requests**
-
- To add labels to an issue or pull request, use the add_labels tool from safeoutputs.
-
- **Hiding a Comment**
-
- To hide a comment, use the hide_comment tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_labels, hide_comment, missing_tool, missing_data
diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml
index fba99c27412..7030015d552 100644
--- a/.github/workflows/archie.lock.yml
+++ b/.github/workflows/archie.lock.yml
@@ -145,17 +145,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, missing_tool, missing_data
diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml
index 2a8427e30ff..37534ddda3f 100644
--- a/.github/workflows/artifacts-summary.lock.yml
+++ b/.github/workflows/artifacts-summary.lock.yml
@@ -113,17 +113,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml
index 30a8476c4e7..fb437ca3f11 100644
--- a/.github/workflows/audit-workflows.lock.yml
+++ b/.github/workflows/audit-workflows.lock.yml
@@ -116,25 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/auto-triage-issues.lock.yml b/.github/workflows/auto-triage-issues.lock.yml
index c6a314dc292..d4c9bd875a6 100644
--- a/.github/workflows/auto-triage-issues.lock.yml
+++ b/.github/workflows/auto-triage-issues.lock.yml
@@ -130,21 +130,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Adding Labels to Issues or Pull Requests**
-
- To add labels to an issue or pull request, use the add_labels tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, add_labels, missing_tool, missing_data
diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml
index bf8cbcaba50..cad7f9a037c 100644
--- a/.github/workflows/blog-auditor.lock.yml
+++ b/.github/workflows/blog-auditor.lock.yml
@@ -114,17 +114,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/bot-detection.lock.yml b/.github/workflows/bot-detection.lock.yml
index 778600aebe4..a9f04d7cb2d 100644
--- a/.github/workflows/bot-detection.lock.yml
+++ b/.github/workflows/bot-detection.lock.yml
@@ -113,21 +113,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Updating an Issue**
-
- To update an issue, use the update_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, update_issue, missing_tool, missing_data
diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml
index b5489ff9901..bb81591cbef 100644
--- a/.github/workflows/brave.lock.yml
+++ b/.github/workflows/brave.lock.yml
@@ -135,17 +135,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, missing_tool, missing_data
diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml
index 759510a3f4d..f61c6bd77c1 100644
--- a/.github/workflows/breaking-change-checker.lock.yml
+++ b/.github/workflows/breaking-change-checker.lock.yml
@@ -114,17 +114,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml
index 250120cff01..57dac40f581 100644
--- a/.github/workflows/changeset.lock.yml
+++ b/.github/workflows/changeset.lock.yml
@@ -141,24 +141,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Updating a Pull Request**
+ Tools: update_pull_request, push_to_pull_request_branch, missing_tool, missing_data
- To update a pull request title or body, use the update_pull_request tool from safeoutputs.
-
- **Pushing Changes to a Pull Request Branch**
-
- To push changes to the branch of a pull request:
- 1. Make any file changes directly in the working directory.
- 2. Add and commit your changes to the local copy of the pull request branch. Be careful to add exactly the files you intend, and verify you haven't deleted or changed any files you didn't intend to.
- 3. Push the branch to the repo by using the push_to_pull_request_branch tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ push_to_pull_request_branch: commit changes locally (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml
index 0a38f2b5066..3f2a79e6eb3 100644
--- a/.github/workflows/ci-coach.lock.yml
+++ b/.github/workflows/ci-coach.lock.yml
@@ -116,22 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml
index b42d0b63f22..0d0ce319d9e 100644
--- a/.github/workflows/ci-doctor.lock.yml
+++ b/.github/workflows/ci-doctor.lock.yml
@@ -129,25 +129,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Updating an Issue**
-
- To update an issue, use the update_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, create_issue, update_issue, missing_tool, missing_data
diff --git a/.github/workflows/claude-code-user-docs-review.lock.yml b/.github/workflows/claude-code-user-docs-review.lock.yml
index 747bc5a4006..d5f7ae56c56 100644
--- a/.github/workflows/claude-code-user-docs-review.lock.yml
+++ b/.github/workflows/claude-code-user-docs-review.lock.yml
@@ -109,17 +109,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml
index f25db4381ef..91b626ccda8 100644
--- a/.github/workflows/cli-consistency-checker.lock.yml
+++ b/.github/workflows/cli-consistency-checker.lock.yml
@@ -107,17 +107,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml
index c1d6d0179d8..336cbbb7a1f 100644
--- a/.github/workflows/cli-version-checker.lock.yml
+++ b/.github/workflows/cli-version-checker.lock.yml
@@ -114,17 +114,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml
index 04485b1b1d6..893f2ec560e 100644
--- a/.github/workflows/cloclo.lock.yml
+++ b/.github/workflows/cloclo.lock.yml
@@ -176,26 +176,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
+ Tools: add_comment, create_pull_request, missing_tool, missing_data
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Creating a Pull Request**
-
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/code-scanning-fixer.lock.yml b/.github/workflows/code-scanning-fixer.lock.yml
index d6c0dd30e68..99482bf0bf1 100644
--- a/.github/workflows/code-scanning-fixer.lock.yml
+++ b/.github/workflows/code-scanning-fixer.lock.yml
@@ -110,26 +110,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, add_labels, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Adding Labels to Issues or Pull Requests**
-
- To add labels to an issue or pull request, use the add_labels tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/code-simplifier.lock.yml b/.github/workflows/code-simplifier.lock.yml
index 26d5ab411ec..1faf3fce00a 100644
--- a/.github/workflows/code-simplifier.lock.yml
+++ b/.github/workflows/code-simplifier.lock.yml
@@ -115,22 +115,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml
index 6a854e737b7..4a52a0634a6 100644
--- a/.github/workflows/commit-changes-analyzer.lock.yml
+++ b/.github/workflows/commit-changes-analyzer.lock.yml
@@ -115,17 +115,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/contribution-check.lock.yml b/.github/workflows/contribution-check.lock.yml
index a00f132daaa..cc5ccbf9bfa 100644
--- a/.github/workflows/contribution-check.lock.yml
+++ b/.github/workflows/contribution-check.lock.yml
@@ -111,25 +111,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Adding Labels to Issues or Pull Requests**
-
- To add labels to an issue or pull request, use the add_labels tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, create_issue, add_labels, missing_tool, missing_data
diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml
index 88b2b7f0dc4..095a76d587b 100644
--- a/.github/workflows/copilot-agent-analysis.lock.yml
+++ b/.github/workflows/copilot-agent-analysis.lock.yml
@@ -116,17 +116,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/copilot-cli-deep-research.lock.yml b/.github/workflows/copilot-cli-deep-research.lock.yml
index be8237de451..68210f36328 100644
--- a/.github/workflows/copilot-cli-deep-research.lock.yml
+++ b/.github/workflows/copilot-cli-deep-research.lock.yml
@@ -113,17 +113,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml
index 396def8cda7..e42ecca79b9 100644
--- a/.github/workflows/copilot-pr-merged-report.lock.yml
+++ b/.github/workflows/copilot-pr-merged-report.lock.yml
@@ -106,17 +106,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
GH_AW_PROMPT_EOF
diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml
index 13750df4ea3..7069bfb6246 100644
--- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml
+++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml
@@ -116,25 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml
index ce0c317763b..799893225c7 100644
--- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml
+++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml
@@ -116,17 +116,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml
index 0bbb987b0dc..ff79d62845a 100644
--- a/.github/workflows/copilot-session-insights.lock.yml
+++ b/.github/workflows/copilot-session-insights.lock.yml
@@ -120,25 +120,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml
index c8bc7bdacd0..a3ec6691c5f 100644
--- a/.github/workflows/craft.lock.yml
+++ b/.github/workflows/craft.lock.yml
@@ -131,24 +131,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
+ Tools: add_comment, push_to_pull_request_branch, missing_tool, missing_data
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Pushing Changes to a Pull Request Branch**
-
- To push changes to the branch of a pull request:
- 1. Make any file changes directly in the working directory.
- 2. Add and commit your changes to the local copy of the pull request branch. Be careful to add exactly the files you intend, and verify you haven't deleted or changed any files you didn't intend to.
- 3. Push the branch to the repo by using the push_to_pull_request_branch tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ push_to_pull_request_branch: commit changes locally (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml
index d526134d180..2ac36786d17 100644
--- a/.github/workflows/daily-assign-issue-to-user.lock.yml
+++ b/.github/workflows/daily-assign-issue-to-user.lock.yml
@@ -107,21 +107,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Assigning to a User**
-
- To assign an issue or pull request to a user, use the assign_to_user tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, assign_to_user, missing_tool, missing_data
diff --git a/.github/workflows/daily-choice-test.lock.yml b/.github/workflows/daily-choice-test.lock.yml
index cdc96a6ccb2..591e1fbd2a2 100644
--- a/.github/workflows/daily-choice-test.lock.yml
+++ b/.github/workflows/daily-choice-test.lock.yml
@@ -107,13 +107,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: missing_tool, missing_data
diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml
index 765f38afaf4..1246102449a 100644
--- a/.github/workflows/daily-cli-performance.lock.yml
+++ b/.github/workflows/daily-cli-performance.lock.yml
@@ -115,21 +115,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, create_issue, missing_tool, missing_data
diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml
index 7d4ef21bdfc..7bfb45e62e6 100644
--- a/.github/workflows/daily-cli-tools-tester.lock.yml
+++ b/.github/workflows/daily-cli-tools-tester.lock.yml
@@ -108,17 +108,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml
index 95ec0d8c4b6..a3570bd1821 100644
--- a/.github/workflows/daily-code-metrics.lock.yml
+++ b/.github/workflows/daily-code-metrics.lock.yml
@@ -116,25 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/daily-compiler-quality.lock.yml b/.github/workflows/daily-compiler-quality.lock.yml
index 0eee2c8dad7..4f2a240b9d7 100644
--- a/.github/workflows/daily-compiler-quality.lock.yml
+++ b/.github/workflows/daily-compiler-quality.lock.yml
@@ -113,17 +113,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml
index d1607a1cb70..f8dc10ae232 100644
--- a/.github/workflows/daily-copilot-token-report.lock.yml
+++ b/.github/workflows/daily-copilot-token-report.lock.yml
@@ -115,25 +115,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml
index ac04e44725f..04584348613 100644
--- a/.github/workflows/daily-doc-updater.lock.yml
+++ b/.github/workflows/daily-doc-updater.lock.yml
@@ -109,22 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/daily-fact.lock.yml b/.github/workflows/daily-fact.lock.yml
index 4783a6991d8..4ff55eb9bfa 100644
--- a/.github/workflows/daily-fact.lock.yml
+++ b/.github/workflows/daily-fact.lock.yml
@@ -93,17 +93,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, missing_tool, missing_data
diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml
index 7749bab3963..9c6ca9cbb8e 100644
--- a/.github/workflows/daily-file-diet.lock.yml
+++ b/.github/workflows/daily-file-diet.lock.yml
@@ -115,17 +115,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml
index ab84300c051..0f6afd37521 100644
--- a/.github/workflows/daily-firewall-report.lock.yml
+++ b/.github/workflows/daily-firewall-report.lock.yml
@@ -114,25 +114,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml
index 0e5940ff03c..20c213ea912 100644
--- a/.github/workflows/daily-issues-report.lock.yml
+++ b/.github/workflows/daily-issues-report.lock.yml
@@ -119,29 +119,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, close_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Closing a Discussion**
-
- To close a discussion, use the close_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml
index cc8bab1f54b..5251029b0e4 100644
--- a/.github/workflows/daily-malicious-code-scan.lock.yml
+++ b/.github/workflows/daily-malicious-code-scan.lock.yml
@@ -112,17 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Code Scanning Alert**
-
- To create a code scanning alert, use the create_code_scanning_alert tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_code_scanning_alert, missing_tool, missing_data
diff --git a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
index 4053e049f3d..fc4ef7cd735 100644
--- a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
+++ b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
@@ -113,21 +113,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Creating an Agent Session**
-
- To create a GitHub Copilot agent session, use the create_agent_session tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, create_agent_session, missing_tool, missing_data
diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml
index e3de8f71cec..d3acf9cb8be 100644
--- a/.github/workflows/daily-multi-device-docs-tester.lock.yml
+++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml
@@ -120,25 +120,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
+ Tools: create_issue, upload_asset, missing_tool, missing_data
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml
index f85bccca697..1d93558859f 100644
--- a/.github/workflows/daily-news.lock.yml
+++ b/.github/workflows/daily-news.lock.yml
@@ -117,25 +117,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml
index d8449417a74..9458bd9846b 100644
--- a/.github/workflows/daily-observability-report.lock.yml
+++ b/.github/workflows/daily-observability-report.lock.yml
@@ -114,21 +114,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Closing a Discussion**
-
- To close a discussion, use the close_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, close_discussion, missing_tool, missing_data
diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml
index 1907f34087d..f89eb23bd72 100644
--- a/.github/workflows/daily-performance-summary.lock.yml
+++ b/.github/workflows/daily-performance-summary.lock.yml
@@ -115,29 +115,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, close_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Closing a Discussion**
-
- To close a discussion, use the close_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml
index c1ace42c61b..33a9b7ff418 100644
--- a/.github/workflows/daily-regulatory.lock.yml
+++ b/.github/workflows/daily-regulatory.lock.yml
@@ -113,21 +113,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Closing a Discussion**
-
- To close a discussion, use the close_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, close_discussion, missing_tool, missing_data
diff --git a/.github/workflows/daily-rendering-scripts-verifier.lock.yml b/.github/workflows/daily-rendering-scripts-verifier.lock.yml
index 02d87ff968b..1353c66d5c3 100644
--- a/.github/workflows/daily-rendering-scripts-verifier.lock.yml
+++ b/.github/workflows/daily-rendering-scripts-verifier.lock.yml
@@ -116,22 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml
index 1daca326712..075c6bfa051 100644
--- a/.github/workflows/daily-repo-chronicle.lock.yml
+++ b/.github/workflows/daily-repo-chronicle.lock.yml
@@ -114,25 +114,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml
index 3d716d9388d..8d67b4963de 100644
--- a/.github/workflows/daily-safe-output-optimizer.lock.yml
+++ b/.github/workflows/daily-safe-output-optimizer.lock.yml
@@ -117,17 +117,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/daily-safe-outputs-conformance.lock.yml b/.github/workflows/daily-safe-outputs-conformance.lock.yml
index 1495cbffc39..7aa0ed30b9f 100644
--- a/.github/workflows/daily-safe-outputs-conformance.lock.yml
+++ b/.github/workflows/daily-safe-outputs-conformance.lock.yml
@@ -112,17 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml
index 1ebac25f9e8..ca3b8facdaf 100644
--- a/.github/workflows/daily-secrets-analysis.lock.yml
+++ b/.github/workflows/daily-secrets-analysis.lock.yml
@@ -112,21 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Closing a Discussion**
-
- To close a discussion, use the close_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, close_discussion, missing_tool, missing_data
diff --git a/.github/workflows/daily-security-red-team.lock.yml b/.github/workflows/daily-security-red-team.lock.yml
index ce16466d7a3..61605d4b7a3 100644
--- a/.github/workflows/daily-security-red-team.lock.yml
+++ b/.github/workflows/daily-security-red-team.lock.yml
@@ -113,17 +113,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/daily-semgrep-scan.lock.yml b/.github/workflows/daily-semgrep-scan.lock.yml
index 24c26b2793b..8a8e913ece2 100644
--- a/.github/workflows/daily-semgrep-scan.lock.yml
+++ b/.github/workflows/daily-semgrep-scan.lock.yml
@@ -112,17 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Code Scanning Alert**
-
- To create a code scanning alert, use the create_code_scanning_alert tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_code_scanning_alert, missing_tool, missing_data
diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml
index 6828653dbca..72da1629f56 100644
--- a/.github/workflows/daily-syntax-error-quality.lock.yml
+++ b/.github/workflows/daily-syntax-error-quality.lock.yml
@@ -112,17 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/daily-team-evolution-insights.lock.yml b/.github/workflows/daily-team-evolution-insights.lock.yml
index b40d2a7b868..1fd70d3730f 100644
--- a/.github/workflows/daily-team-evolution-insights.lock.yml
+++ b/.github/workflows/daily-team-evolution-insights.lock.yml
@@ -112,17 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml
index 158bd119043..2fa71f0a7f4 100644
--- a/.github/workflows/daily-team-status.lock.yml
+++ b/.github/workflows/daily-team-status.lock.yml
@@ -121,17 +121,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml
index e401bd1dda9..5e87bd1b6b0 100644
--- a/.github/workflows/daily-testify-uber-super-expert.lock.yml
+++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml
@@ -117,17 +117,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml
index 2bc9e1884a6..bfb80430da9 100644
--- a/.github/workflows/daily-workflow-updater.lock.yml
+++ b/.github/workflows/daily-workflow-updater.lock.yml
@@ -108,22 +108,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml
index d70023dd3b1..0b2ef303376 100644
--- a/.github/workflows/deep-report.lock.yml
+++ b/.github/workflows/deep-report.lock.yml
@@ -115,29 +115,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
+ Tools: create_issue, create_discussion, upload_asset, missing_tool, missing_data
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/delight.lock.yml b/.github/workflows/delight.lock.yml
index 9d80028bc31..326889d3d3b 100644
--- a/.github/workflows/delight.lock.yml
+++ b/.github/workflows/delight.lock.yml
@@ -114,21 +114,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/dependabot-burner.lock.yml b/.github/workflows/dependabot-burner.lock.yml
index 616470a6ae5..ef554c62939 100644
--- a/.github/workflows/dependabot-burner.lock.yml
+++ b/.github/workflows/dependabot-burner.lock.yml
@@ -109,17 +109,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml
index c6002ba2ff2..ad412daf0be 100644
--- a/.github/workflows/dependabot-go-checker.lock.yml
+++ b/.github/workflows/dependabot-go-checker.lock.yml
@@ -107,21 +107,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Closing an Issue**
-
- To close an issue, use the close_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, close_issue, missing_tool, missing_data
diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml
index 18773488ecc..bcf52618960 100644
--- a/.github/workflows/dev-hawk.lock.yml
+++ b/.github/workflows/dev-hawk.lock.yml
@@ -124,17 +124,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, missing_tool, missing_data
diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml
index 82cfc68b1ba..c60d2661d2b 100644
--- a/.github/workflows/dev.lock.yml
+++ b/.github/workflows/dev.lock.yml
@@ -107,17 +107,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml
index 9fb9a535752..adceb3b374f 100644
--- a/.github/workflows/developer-docs-consolidator.lock.yml
+++ b/.github/workflows/developer-docs-consolidator.lock.yml
@@ -113,26 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, create_pull_request, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Creating a Pull Request**
-
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml
index b3944965dea..7f734bacffb 100644
--- a/.github/workflows/dictation-prompt.lock.yml
+++ b/.github/workflows/dictation-prompt.lock.yml
@@ -111,22 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/discussion-task-miner.lock.yml b/.github/workflows/discussion-task-miner.lock.yml
index 0f4bc8d304b..3a1f4cc22a4 100644
--- a/.github/workflows/discussion-task-miner.lock.yml
+++ b/.github/workflows/discussion-task-miner.lock.yml
@@ -114,21 +114,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, create_issue, missing_tool, missing_data
diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml
index 010b54dca08..7b7db542055 100644
--- a/.github/workflows/docs-noob-tester.lock.yml
+++ b/.github/workflows/docs-noob-tester.lock.yml
@@ -113,25 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/draft-pr-cleanup.lock.yml b/.github/workflows/draft-pr-cleanup.lock.yml
index ed119ee0cad..498cf2e3189 100644
--- a/.github/workflows/draft-pr-cleanup.lock.yml
+++ b/.github/workflows/draft-pr-cleanup.lock.yml
@@ -108,25 +108,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Closing a Pull Request**
-
- To close a pull request, use the close_pull_request tool from safeoutputs.
-
- **Adding Labels to Issues or Pull Requests**
-
- To add labels to an issue or pull request, use the add_labels tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, close_pull_request, add_labels, missing_tool, missing_data
diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml
index 56064f58888..761ab1c9197 100644
--- a/.github/workflows/duplicate-code-detector.lock.yml
+++ b/.github/workflows/duplicate-code-detector.lock.yml
@@ -109,17 +109,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml
index 7b4a3e3880b..cd65c8e591a 100644
--- a/.github/workflows/example-workflow-analyzer.lock.yml
+++ b/.github/workflows/example-workflow-analyzer.lock.yml
@@ -112,17 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml
index aab0606ba2c..0b40490da49 100644
--- a/.github/workflows/firewall-escape.lock.yml
+++ b/.github/workflows/firewall-escape.lock.yml
@@ -132,17 +132,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/functional-pragmatist.lock.yml b/.github/workflows/functional-pragmatist.lock.yml
index 55716ea5fae..ae83545c130 100644
--- a/.github/workflows/functional-pragmatist.lock.yml
+++ b/.github/workflows/functional-pragmatist.lock.yml
@@ -111,22 +111,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml
index 5639505c09f..898c03a0cf1 100644
--- a/.github/workflows/github-mcp-structural-analysis.lock.yml
+++ b/.github/workflows/github-mcp-structural-analysis.lock.yml
@@ -113,25 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, upload_asset, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Uploading Assets**
-
- To upload files as URL-addressable assets:
- 1. Use the upload_asset tool from safeoutputs.
- 2. Provide the path to the file you want to upload.
- 3. The tool will copy the file to a staging area and return a GitHub raw content URL.
- 4. Assets are uploaded to an orphaned git branch after workflow completion.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml
index 3293ee8c656..0f1256b971b 100644
--- a/.github/workflows/github-mcp-tools-report.lock.yml
+++ b/.github/workflows/github-mcp-tools-report.lock.yml
@@ -113,26 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
+ Tools: create_discussion, create_pull_request, missing_tool, missing_data
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Creating a Pull Request**
-
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/github-remote-mcp-auth-test.lock.yml b/.github/workflows/github-remote-mcp-auth-test.lock.yml
index cf11b136422..1f13745ade6 100644
--- a/.github/workflows/github-remote-mcp-auth-test.lock.yml
+++ b/.github/workflows/github-remote-mcp-auth-test.lock.yml
@@ -109,17 +109,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml
index 1814818199b..b0977106d6b 100644
--- a/.github/workflows/glossary-maintainer.lock.yml
+++ b/.github/workflows/glossary-maintainer.lock.yml
@@ -113,22 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml
index efce769752c..3b436b9a1fe 100644
--- a/.github/workflows/go-fan.lock.yml
+++ b/.github/workflows/go-fan.lock.yml
@@ -112,17 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_discussion, missing_tool, missing_data
diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml
index ce08e4d8041..7168088577a 100644
--- a/.github/workflows/go-logger.lock.yml
+++ b/.github/workflows/go-logger.lock.yml
@@ -113,22 +113,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml
index 25e6893ff53..9b804a6b61e 100644
--- a/.github/workflows/go-pattern-detector.lock.yml
+++ b/.github/workflows/go-pattern-detector.lock.yml
@@ -112,17 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/gpclean.lock.yml b/.github/workflows/gpclean.lock.yml
index 1beae9539c8..a9a668ab439 100644
--- a/.github/workflows/gpclean.lock.yml
+++ b/.github/workflows/gpclean.lock.yml
@@ -109,17 +109,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, missing_tool, missing_data
diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml
index 72095495c89..340c407cc6c 100644
--- a/.github/workflows/grumpy-reviewer.lock.yml
+++ b/.github/workflows/grumpy-reviewer.lock.yml
@@ -136,21 +136,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request Review Comment**
-
- To create a pull request review comment, use the create_pull_request_review_comment tool from safeoutputs.
-
- **Submitting a Pull Request Review**
-
- To submit a pull request review (APPROVE, REQUEST_CHANGES, or COMMENT), use the submit_pull_request_review tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_pull_request_review_comment, submit_pull_request_review, missing_tool, missing_data
diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml
index 5b5e0dc73a5..640fcddbd1c 100644
--- a/.github/workflows/hourly-ci-cleaner.lock.yml
+++ b/.github/workflows/hourly-ci-cleaner.lock.yml
@@ -116,22 +116,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml
index 8a1a188ae89..5d213714466 100644
--- a/.github/workflows/instructions-janitor.lock.yml
+++ b/.github/workflows/instructions-janitor.lock.yml
@@ -109,22 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating a Pull Request**
+ Tools: create_pull_request, missing_tool, missing_data
- To create a pull request:
- 1. Make any file changes directly in the working directory.
- 2. If you haven't done so already, create a local branch using an appropriate unique name.
- 3. Add and commit your changes to the branch. Be careful to add exactly the files you intend, and check there are no extra files left un-added. Verify you haven't deleted or changed any files you didn't intend to.
- 4. Do not push your changes. That will be done by the tool.
- 5. Create the pull request with the create_pull_request tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ create_pull_request: commit changes to a local branch (do not push), then call this tool from safeoutputs.
diff --git a/.github/workflows/issue-arborist.lock.yml b/.github/workflows/issue-arborist.lock.yml
index 412de9c6c4a..886e229267e 100644
--- a/.github/workflows/issue-arborist.lock.yml
+++ b/.github/workflows/issue-arborist.lock.yml
@@ -112,25 +112,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Creating an Issue**
-
- To create an issue, use the create_issue tool from safeoutputs.
-
- **Creating a Discussion**
-
- To create a discussion, use the create_discussion tool from safeoutputs.
-
- **Linking a Sub-Issue**
-
- To link an issue as a sub-issue of another issue, use the link_sub_issue tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: create_issue, create_discussion, link_sub_issue, missing_tool, missing_data
diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml
index 1c43859363a..06893733eaa 100644
--- a/.github/workflows/issue-monster.lock.yml
+++ b/.github/workflows/issue-monster.lock.yml
@@ -119,21 +119,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Assigning to an Agent**
-
- To assign an issue or pull request to a GitHub Copilot agent, use the assign_to_agent tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, assign_to_agent, missing_tool, missing_data
diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml
index 05802d09432..4881caca7ab 100644
--- a/.github/workflows/issue-triage-agent.lock.yml
+++ b/.github/workflows/issue-triage-agent.lock.yml
@@ -102,21 +102,7 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'
- **Adding a Comment to an Issue or Pull Request**
-
- To add a comment to an issue or pull request, use the add_comment tool from safeoutputs.
-
- **Adding Labels to Issues or Pull Requests**
-
- To add labels to an issue or pull request, use the add_labels tool from safeoutputs.
-
- **Reporting Missing Tools or Functionality**
-
- To report a missing tool or capability, use the missing_tool tool from safeoutputs.
-
- **Reporting Missing Data**
-
- To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
+ Tools: add_comment, add_labels, missing_tool, missing_data
diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml
index 26686566e04..b830c945180 100644
--- a/.github/workflows/jsweep.lock.yml
+++ b/.github/workflows/jsweep.lock.yml
@@ -109,22 +109,9 @@ jobs:
cat "/opt/gh-aw/prompts/safe_outputs_prompt.md"
cat << 'GH_AW_PROMPT_EOF'