Skip to content

[deep-report] Add gh-aw-detection: true to 3 misconfigured detection workflows #44571

Description

@github-actions

Description

The Detection Analysis Report (discussion #44557) flagged 3 workflows as misconfigured for the detection feature over the last 24h. Bot Detection (and 2 others matching the audit/analysis/report naming pattern) run without gh-aw-detection: true, so their outputs skip threat scanning. Add the gh-aw-detection: true config to each flagged workflow's frontmatter and recompile (make recompile).

Expected Impact

Closes a detection coverage gap: detection-enabled runs show a higher success rate (60.7% vs 44.4% regular) and every audit/analysis/report workflow gains threat scanning on its safe outputs.

Suggested Agent

Workflow-editing agent (e.g. Copilot SWE Agent) or a dedicated detection-config agent.

Estimated Effort

Quick (< 1 hour)

Data Source

DeepReport analysis 2026-07-09 — Detection Analysis Report #44557.

Generated by 🔬 Deep Report · 184 AIC · ⌖ 16.4 AIC · ⊞ 10K ·

  • expires on Jul 11, 2026, 7:51 AM UTC-08:00

Metadata

Metadata

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions