You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This analysis examined all .lock.yml files in the .github/workflows/ directory to identify patterns, usage statistics, and structural characteristics of agentic workflows in this repository.
File Size Distribution
Size Range
Count
Percentage
< 10 KB
0
0%
10-50 KB
8
5.4%
50-100 KB
135
91.8%
> 100 KB
4
2.7%
Size Statistics:
Smallest: codex-github-remote-mcp-test (24 KB)
Largest: smoke-claude (111 KB)
Average: 67 KB
Median Range: 50-100 KB (91.8% of workflows)
Key Finding: The vast majority (91.8%) of workflows fall within the 50-100 KB range, indicating highly consistent structure and complexity across the repository.
Trigger Analysis
Most Popular Triggers
Trigger Type
Count
Percentage
Example Workflow
workflow_dispatch
129
87.8%
agent-performance-analyzer
schedule
104
70.7%
agent-performance-analyzer
issue_comment
14
9.5%
ai-moderator
pull_request
13
8.8%
archie
issues
13
8.8%
ai-moderator
discussion_comment
5
3.4%
—
discussion
4
2.7%
—
workflow_run
2
1.4%
—
push
1
0.7%
—
Trigger Combination Patterns
Number of Triggers
Workflows
Percentage
Pattern
2 triggers
97
66.0%
Most common: schedule + workflow_dispatch
1 trigger
30
20.4%
Single-purpose workflows
3 triggers
15
10.2%
Complex multi-trigger workflows
4+ triggers
1
0.7%
Highly versatile workflows
0 triggers
4
2.7%
Special/test workflows
Key Insight: 66% of workflows use exactly 2 triggers, typically combining scheduled automation with manual dispatch capability. This provides flexibility for both routine automation and ad-hoc execution.
View Schedule Patterns (Cron Expressions)
Most Common Schedule Patterns
Schedule (Cron)
Count
Description
0 14 * * 1-5
4
Daily at 2:00 PM UTC (weekdays)
0 13 * * 1-5
4
Daily at 1:00 PM UTC (weekdays)
0 11 * * 1-5
4
Daily at 11:00 AM UTC (weekdays)
0 9 * * 1-5
2
Daily at 9:00 AM UTC (weekdays)
0 10 * * 1-5
2
Daily at 10:00 AM UTC (weekdays)
0 15 * * 1-5
2
Daily at 3:00 PM UTC (weekdays)
0 16 * * 1-5
2
Daily at 4:00 PM UTC (weekdays)
Pattern: 104 workflows use scheduled triggers, with times scattered throughout the workday (weekdays only) to distribute load and provide continuous monitoring/reporting throughout business hours.
Safe Outputs Analysis
Safe Output Types Distribution
Type
Count
Percentage
Example Workflow
create-issue
113
76.9%
agent-performance-analyzer
create-discussion
108
73.5%
agent-performance-analyzer
create-pull-request
54
36.7%
agent-performance-analyzer
add-comment
34
23.1%
agent-performance-analyzer
update-issue
4
2.7%
—
Total unique safe output types: 5
Multiple Safe Outputs Per Workflow
Workflows with 2+ safe output types: 110 (74.8%)
Most versatile workflows: Support all 4 primary output types (issues, discussions, PRs, comments)
Key Finding: The majority of workflows (74.8%) are designed to produce multiple types of safe outputs, indicating sophisticated agents that can create issues for tracking, discussions for reporting, and pull requests for fixes - all from a single workflow run.
Structural Characteristics
Job Complexity
Average Jobs per Workflow: 7.97 (~8 jobs)
Average Steps per Job: 71.4 steps total per workflow (~9 steps per job)
Maximum Jobs in Single Workflow: 14 jobs
Maximum Steps in Single Workflow: 92 steps (copilot-pr-nlp-analysis)
Typical Lock File Structure
Based on statistical analysis, a typical .lock.yml file has:
Pattern: Nearly all workflows specify explicit timeouts, averaging 21 minutes, which provides adequate time for agent execution while preventing runaway processes.
MCP Server & Tool Patterns
Most Used MCP Servers
MCP Server
Count
Percentage
github
147
100%
safeoutputs
140
95.2%
brave-search
2
1.4%
Universal Pattern: All workflows use the github MCP server for GitHub API access. 95.2% use the safeoutputs server, which provides the safe output creation tools (create-discussion, create-issue, etc.). Only 2 workflows use additional MCP servers like brave-search for web search capabilities.
Interesting Findings
1. Highly Standardized Architecture
The repository demonstrates remarkable consistency:
91.8% of files are 50-100 KB
Average of 8 jobs per workflow
Standard MCP server configuration (GitHub + SafeOutputs)
This indicates a well-established workflow template and best practices.
2. Automation-First with Manual Override
87.8% of workflows support workflow_dispatch (manual trigger), while 70.7% run on a schedule. The combination pattern (66% use exactly 2 triggers) shows a design philosophy of "automate by default, manual when needed."
3. Multi-Modal Output Capabilities
74.8% of workflows can produce multiple types of outputs (issues, discussions, PRs). This suggests sophisticated agents that adapt their output format based on findings:
Issues: For actionable items requiring tracking
Discussions: For reports and analyses
Pull Requests: For automated fixes
Comments: For contextual updates
4. Weekday-Only Scheduling
All scheduled workflows use 1-5 (Monday-Friday) in their cron expressions, avoiding weekend runs. Times are scattered throughout the day (9 AM - 4 PM UTC) to distribute load.
5. Consistent Naming Pattern
Workflow names follow clear patterns:
daily-* for scheduled daily reports
*-analyzer for analysis workflows
*-checker for validation workflows
smoke-* for testing workflows
Recommendations
1. Template Consolidation Opportunity
Given the high standardization (91.8% same size range, ~8 jobs each), consider creating official workflow templates to:
Reduce duplication
Ensure consistent best practices
Simplify maintenance
2. MCP Server Expansion
Only 1.4% of workflows use additional MCP servers beyond the standard GitHub + SafeOutputs. Consider:
Documenting available MCP servers
Creating examples for web search, database, or other integrations
Expanding agent capabilities with specialized tools
3. Load Balancing Optimization
While schedules are scattered, there's clustering at certain hours (11 AM, 1 PM, 2 PM UTC). Consider:
Further distributing schedule times
Implementing workflow prioritization
Monitoring GitHub Actions runner capacity
4. Documentation of Safe Output Patterns
With 110 workflows supporting multiple output types, document best practices for:
When to create issues vs. discussions
How to structure reports for different output types
Error handling across output types
5. Permission Audit
Consider implementing a permission audit workflow to:
Track which workflows need which permissions
Identify over-permissioned workflows
Ensure least-privilege principles
Methodology
Analysis Tools
Bash scripts: For file discovery, parsing, and pattern extraction
awk/grep/sed: For YAML structure analysis and data aggregation
Cache Memory: Used for script persistence at /tmp/gh-aw/cache-memory/
Data Sources
Lock Files Analyzed: 147
Location: .github/workflows/*.lock.yml
Total Data Processed: 9.5 MB
Reproducibility
All analysis scripts have been saved to /tmp/gh-aw/cache-memory/scripts/ for future runs:
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Executive Summary
This analysis examined all
.lock.ymlfiles in the.github/workflows/directory to identify patterns, usage statistics, and structural characteristics of agentic workflows in this repository.File Size Distribution
Size Statistics:
Key Finding: The vast majority (91.8%) of workflows fall within the 50-100 KB range, indicating highly consistent structure and complexity across the repository.
Trigger Analysis
Most Popular Triggers
workflow_dispatchscheduleissue_commentpull_requestissuesdiscussion_commentdiscussionworkflow_runpushTrigger Combination Patterns
schedule+workflow_dispatchKey Insight: 66% of workflows use exactly 2 triggers, typically combining scheduled automation with manual dispatch capability. This provides flexibility for both routine automation and ad-hoc execution.
View Schedule Patterns (Cron Expressions)
Most Common Schedule Patterns
0 14 * * 1-50 13 * * 1-50 11 * * 1-50 9 * * 1-50 10 * * 1-50 15 * * 1-50 16 * * 1-5Pattern: 104 workflows use scheduled triggers, with times scattered throughout the workday (weekdays only) to distribute load and provide continuous monitoring/reporting throughout business hours.
Safe Outputs Analysis
Safe Output Types Distribution
create-issuecreate-discussioncreate-pull-requestadd-commentupdate-issueTotal unique safe output types: 5
Multiple Safe Outputs Per Workflow
Key Finding: The majority of workflows (74.8%) are designed to produce multiple types of safe outputs, indicating sophisticated agents that can create issues for tracking, discussions for reporting, and pull requests for fixes - all from a single workflow run.
Structural Characteristics
Job Complexity
Typical Lock File Structure
Based on statistical analysis, a typical
.lock.ymlfile has:schedule+workflow_dispatch)Timeout Configuration
Pattern: Nearly all workflows specify explicit timeouts, averaging 21 minutes, which provides adequate time for agent execution while preventing runaway processes.
MCP Server & Tool Patterns
Most Used MCP Servers
githubsafeoutputsbrave-searchUniversal Pattern: All workflows use the
githubMCP server for GitHub API access. 95.2% use thesafeoutputsserver, which provides the safe output creation tools (create-discussion, create-issue, etc.). Only 2 workflows use additional MCP servers likebrave-searchfor web search capabilities.Interesting Findings
1. Highly Standardized Architecture
The repository demonstrates remarkable consistency:
This indicates a well-established workflow template and best practices.
2. Automation-First with Manual Override
87.8% of workflows support
workflow_dispatch(manual trigger), while 70.7% run on a schedule. The combination pattern (66% use exactly 2 triggers) shows a design philosophy of "automate by default, manual when needed."3. Multi-Modal Output Capabilities
74.8% of workflows can produce multiple types of outputs (issues, discussions, PRs). This suggests sophisticated agents that adapt their output format based on findings:
4. Weekday-Only Scheduling
All scheduled workflows use
1-5(Monday-Friday) in their cron expressions, avoiding weekend runs. Times are scattered throughout the day (9 AM - 4 PM UTC) to distribute load.5. Consistent Naming Pattern
Workflow names follow clear patterns:
daily-*for scheduled daily reports*-analyzerfor analysis workflows*-checkerfor validation workflowssmoke-*for testing workflowsRecommendations
1. Template Consolidation Opportunity
Given the high standardization (91.8% same size range, ~8 jobs each), consider creating official workflow templates to:
2. MCP Server Expansion
Only 1.4% of workflows use additional MCP servers beyond the standard GitHub + SafeOutputs. Consider:
3. Load Balancing Optimization
While schedules are scattered, there's clustering at certain hours (11 AM, 1 PM, 2 PM UTC). Consider:
4. Documentation of Safe Output Patterns
With 110 workflows supporting multiple output types, document best practices for:
5. Permission Audit
Consider implementing a permission audit workflow to:
Methodology
Analysis Tools
/tmp/gh-aw/cache-memory/Data Sources
.github/workflows/*.lock.ymlReproducibility
All analysis scripts have been saved to
/tmp/gh-aw/cache-memory/scripts/for future runs:analyze_lockfiles.sh- Main analysis orchestratorextract_triggers.sh- Trigger pattern extractionextract_detailed_stats.sh- Detailed statistics generationextract_permissions_fixed.sh- Permission and safe output parsingextract_more_details.sh- Additional metadata extractionHistorical Tracking
Analysis results saved to
/tmp/gh-aw/cache-memory/history/2026-01-31.jsonfor trend tracking in future analyses.References:
Beta Was this translation helpful? Give feedback.
All reactions