Description
The Detection Analysis Report (discussion #44557) flagged 3 workflows as misconfigured for the detection feature over the last 24h. Bot Detection (and 2 others matching the audit/analysis/report naming pattern) run without gh-aw-detection: true, so their outputs skip threat scanning. Add the gh-aw-detection: true config to each flagged workflow's frontmatter and recompile (make recompile).
Expected Impact
Closes a detection coverage gap: detection-enabled runs show a higher success rate (60.7% vs 44.4% regular) and every audit/analysis/report workflow gains threat scanning on its safe outputs.
Suggested Agent
Workflow-editing agent (e.g. Copilot SWE Agent) or a dedicated detection-config agent.
Estimated Effort
Quick (< 1 hour)
Data Source
DeepReport analysis 2026-07-09 — Detection Analysis Report #44557.
Generated by 🔬 Deep Report · 184 AIC · ⌖ 16.4 AIC · ⊞ 10K · ◷
Description
The Detection Analysis Report (discussion #44557) flagged 3 workflows as misconfigured for the detection feature over the last 24h.
Bot Detection(and 2 others matching the audit/analysis/report naming pattern) run withoutgh-aw-detection: true, so their outputs skip threat scanning. Add thegh-aw-detection: trueconfig to each flagged workflow's frontmatter and recompile (make recompile).Expected Impact
Closes a detection coverage gap: detection-enabled runs show a higher success rate (60.7% vs 44.4% regular) and every audit/analysis/report workflow gains threat scanning on its safe outputs.
Suggested Agent
Workflow-editing agent (e.g. Copilot SWE Agent) or a dedicated detection-config agent.
Estimated Effort
Quick (< 1 hour)
Data Source
DeepReport analysis 2026-07-09 — Detection Analysis Report #44557.