[safe-output-health] 🏥 Safe Output Health Report - 2026-07-11 #44869
Closed
Replies: 1 comment
-
|
This discussion has been marked as outdated by Safe Output Health Monitor. A newer discussion is available at Discussion #45039. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Executive Summary
SafeItemsCount=0)safe_outputsjob success rate: 93.3% (14/15)Safe Output Job Statistics
safe_outputs(all runs)No
create_issue/add_comment/create_pull_request/ review-comment /assign_to_agentmessages were actuated in this window — nothing to fail at the message level. The single failure is at the job /Process Safe Outputsstep layer.Error Clusters
Cluster 1:
firewall_report_process_safe_outputs_hardfail_create_discussion_not_wired(NEW, production)Process Safe Outputs(siblingUpload Safe Outputs Itemssucceeded)SafeItemsCount=0,NoopCount=0,MissingToolCount=0,ErrorCount=0,WarningCount=0daily-firewall-report.md, Step 6 "Create Discussion", Expected Output: "A GitHub discussion in the audits category") instructs the agent tocreate_discussionwith categoryauditsas its primary output. But the compiled safe-outputs allowlist for this run enables onlyupload_asset(max:3),missing_tool,missing_data,noop— there is nocreate_discussionhandler wired. The agent's intended output type is therefore not actuatable; zero safe items and zero noop is consistent with an unbufferablecreate_discussionattempt with no fallback. The downstreamProcess Safe Outputsnode then hard-failed.Process Safe Outputsstep stdout is not pre-bundled and the audit MCP tool surfaces only a genericerror_count=1. This is the 3rd distinct in-scope JOB-layersafe_outputsfailure (after 06-23 & 06-26 Changeset Generator) whose exact error could not be read — a recurring observability gap.Root Cause Analysis
Configuration / Prompt Drift
The primary defect is a mismatch between the task instructions (ask for a discussion) and the compiled safe-outputs config (no
create_discussionenabled). A workflow should never instruct a safe-output type absent from its allowlist.Observability
Three JOB-layer
safe_outputsfailures in the last ~3 weeks (06-23, 06-26 Changeset Generator; 07-11 Firewall) have all had unreadable exact errors because theProcess Safe Outputsstep log is not pre-bundled and the audit MCP tool does not surface it. Root-causing JOB-layer failures is currently guesswork.API / Permission / Validation Issues
None observed at the message level this window (0 messages actuated).
Recommendations
Critical / Immediate
create_discussionbut onlyupload_asset/noop/missing_tool/missing_dataare wired.create-discussion(categoryaudits) to the Daily Firewall Logs Collector safe-outputs frontmatter and recompile the lock, OR rewrite Step 6 to use a wired output (upload_assetthe report, or drop the discussion step).Bug Fixes / Process Improvements
Process Safe Outputsstep stdout/stderr on failure — so JOB-layer failures are diagnosable. (Cross-cutting; affects Changeset Generator + Firewall.)Process Safe Outputsshould surfacesafe-output type <X> not enabled (allowed: ...)and soft-skip / clean no-op rather than hard-fail the whole job (mirroringcreate_pull_request_review_commentmissing-context soft-skip).Work Item Plans
Work Item 1: Fix Daily Firewall report output-type drift
daily-firewall-report.mdStep 6 asks for a discussion; the compiled workflow has nocreate_discussionhandler, so thesafe_outputsjob hard-fails and no report is published.create-discussionadded to config, orupload_asset/removed).safe_outputsjob = success and the report is delivered.safe-outputs:with the prompt; recompile lock; verify on next run.Work Item 2: Recover JOB-layer failure logs (observability)
Process Safe Outputsstep logs on failure; 3 JOB-layer failures (06-23/06-26/07-11) had unreadable exact errors.safe_outputsjob, theProcess Safe Outputsstdout/stderr is available in the run artifacts / audit MCP output.Work Item 3: Defensive soft-skip for disallowed safe-output types
safe_outputsjob = success.Historical Context
Trends
patch-format:BUNDLEbundle-transport hardfail: Changeset Generator absent (~15 days since the 06-26 actuating occurrence). Remediation UNVALIDATED. Still the highest-priority open production signature.review_path_unresolved_422Path-variant fallback (pr_review_buffer.cjs:554): no line-anchored review comments emitted (read-only) → UNVALIDATED for the 43rd consecutive audit.target_starfamily (review-comment / add_comment→discussion permission / add_labels-no-context): noworkflow_dispatchsmoke in window → latent, open.update_issuetarget:triggering: LintMonster present (run-29138307820) but read-only (found no lint issues) — the 06-11 production hardfail neither recurred nor was re-exercised;target:'*'fix still UNVALIDATED.safe_outputs=success) — its 07-10upload_assets"Push assets" step failure did not recur (upload_assets=success today).Metrics and KPIs
safe_outputsjob success rate: 93.3% (14/15)safe_outputs=successNext Steps
Process Safe Outputsfailure logs (Work Item 2)References:
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpgSee Network Configuration for more information.
Beta Was this translation helpful? Give feedback.
All reactions