Add security and moderation agentic workflows#7777
Pull request overview
Adds new gh-aw agentic workflow definitions intended to improve repo hygiene and security posture by automating moderation actions and performing a recurring scan of recent commits for suspicious patterns.
Changes:
- Adds an AI moderation workflow to label/hide suspected spam or AI-generated content on issues/comments/PRs.
- Adds a daily malicious-code scanning workflow definition that can emit code-scanning alerts for suspicious patterns in recent changes.
| File | Description |
|---|---|
| .github/workflows/ai-moderator.md | New moderation agent definition (labeling + comment hiding) for issues/comments/PRs. |
| .github/workflows/daily-malicious-code-scan.md | New scheduled security scan agent definition for analyzing recent commits and emitting code-scanning alerts. |
Copilot's findings
Comments suppressed due to low confidence (3)
.github/workflows/ai-moderator.md:37
- The workflow is intended to apply labels and hide comments, but it only requests `issues: read`/`pull-requests: read`. Those actions require write permissions (at least `issues: write`, and `pull-requests: write` if labeling PRs). Update the permissions block so the safe outputs can be applied successfully.

```yaml
permissions:
  contents: read
  issues: read
  pull-requests: read
```
.github/workflows/ai-moderator.md:16
- The instructions mention handling `workflow_dispatch` (applying labels to the URL specified in the inputs), but `workflow_dispatch` isn't listed under `on:`. Either add a `workflow_dispatch` trigger (with explicit inputs for the target issue/PR URL/number) or remove the `workflow_dispatch`-specific instructions to avoid confusion.

```yaml
on:
  roles: all
  issues:
    types: [opened]
    lock-for-agent: true
  issue_comment:
    types: [created]
    lock-for-agent: true
  pull_request:
    types: [opened]
    forks: "*"
  skip-roles: [admin, maintainer, write, triage]
  skip-bots: [github-actions, copilot, dependabot]
```
.github/workflows/daily-malicious-code-scan.md:12
- `security-events` is set to `read`, but the workflow's goal is to create code-scanning alerts. Creating/uploading code scanning results requires `security-events: write` (and typically does not work with read-only permissions). Update the workflow permissions accordingly so alert creation can succeed.

```yaml
permissions:
  contents: read
  actions: read
  security-events: read
```
- Files reviewed: 2/2 changed files
- Comments generated: 2
Add two security-focused workflows:
- ai-moderator: Auto-detects spam, link spam, and AI-generated content on issues/PRs/comments
- daily-malicious-code-scan: Daily scan of recent commits for malicious patterns and exfiltration attempts
f7e05c1 to 91f4aed
… workflow_dispatch reference
```
# Conflicts:
# .github/workflows/daily-efficiency-improver.lock.yml
# .github/workflows/lean-squad.lock.yml
```
Copilot's findings
Comments suppressed due to low confidence (2)
.github/workflows/daily-malicious-code-scan.md:275
- This section requires each alert to include `rule_id`, `file_path`, and `start_line`, but the `create_code_scanning_alert` tool in the compiled workflow does not accept those fields. Please align the required fields list with the tool contract (e.g., `file`, `line`, `message`, `severity`, optional `ruleIdSuffix`/`column`) so the agent can successfully report findings.
Your output MUST:
1. **If suspicious patterns are found**:
- **CALL** the `create_code_scanning_alert` tool for each finding
- Each alert must include: `rule_id`, `message`, `severity`, `file_path`, `start_line`, `description`
- Provide detailed descriptions explaining the threat and recommended remediation
.github/workflows/ai-moderator.md:45
- `allowed-reasons: [spam]` is inconsistent with the Safe Outputs `hide_comment` tool schema in the generated workflow, which only allows uppercase reasons like `SPAM`/`ABUSE`/etc. If the agent follows this config/instruction, safe-output validation may reject the request; please align the allowed reasons and the instruction text with the tool's accepted values.

```yaml
    allowed: [spam, ai-generated, link-spam, ai-inspected]
    target: "*"
  hide-comment:
    max: 5
    allowed-reasons: [spam]
  threat-detection: false
```
- Files reviewed: 11/11 changed files
- Comments generated: 3
| ```json | ||
| { | ||
| "create_code_scanning_alert": [ | ||
| { | ||
| "rule_id": "malicious-code-scanner/[CATEGORY]", | ||
| "message": "[Brief description of the threat]", | ||
| "severity": "[error|warning|note]", | ||
| "file_path": "[path/to/file]", | ||
| "start_line": 1, | ||
| "description": "[Detailed explanation of why this is suspicious, including:\n- Pattern detected\n- Context from code review\n- Potential security impact\n- Recommended remediation]" |
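Review bot: the placeholder `malicious-code-scanner/[CATEGORY]` in `rule_id` contains `/`, `[` and `]`, so even once the field is renamed to the tool's rule id suffix it cannot satisfy the `^[a-zA-Z0-9_-]+$` constraint that suffix carries; give the example a suffix made only of letters, digits, `_` and `-` (a bare `CATEGORY` placeholder, for instance) so the agent does not copy an invalid value. The `description` field likewise has no counterpart in the tool contract the comment below lists, so its threat explanation and remediation text belongs in `message`.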
The example create_code_scanning_alert payload uses fields (rule_id, file_path, start_line, description) that don’t match the Safe Outputs tool schema in the generated workflow (expects file, line, message, severity, and optional ruleIdSuffix/column). As written, the agent is likely to emit invalid safe-output calls and fail to create alerts; please update the example and guidance to use the actual parameter names/constraints (notably ruleIdSuffix must match ^[a-zA-Z0-9_-]+$).
This issue also appears on line 270 of the same file.
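As an added example that is not code from this PR or from gh-aw, the following validator applies the safe-output contract the review comments above describe (required `file`, `line`, `message`, `severity`; optional `ruleIdSuffix`/`column`; the `^[a-zA-Z0-9_-]+$` suffix constraint; uppercase `hide_comment` reasons) to an alert payload, so a mismatch like the one in the example above is caught before the agent runs. The field contract is an assumption taken from those comments rather than from gh-aw's source, and the full reason set beyond `SPAM`/`ABUSE` is assumed from GitHub's GraphQL `ReportedContentClassifiers` enum.

```python
import re

# Contract for the create_code_scanning_alert safe output as the review comments above
# describe it; assumed from those comments, not read from gh-aw's own source.
ALERT_REQUIRED = {"file": str, "line": int, "message": str, "severity": str}
ALERT_OPTIONAL = {"ruleIdSuffix": str, "column": int}
SEVERITIES = {"error", "warning", "note"}
RULE_ID_SUFFIX = re.compile(r"[a-zA-Z0-9_-]+")  # the ^[a-zA-Z0-9_-]+$ constraint
# hide_comment reasons are uppercase: SPAM/ABUSE are named in the review comment, the
# rest of the set is assumed from GitHub's GraphQL ReportedContentClassifiers enum.
HIDE_REASONS = {"SPAM", "ABUSE", "OFF_TOPIC", "OUTDATED", "DUPLICATE", "RESOLVED"}


def _is(value, typ):
    # bool is a subclass of int in Python; a True/False "line" must still be rejected
    return isinstance(value, typ) and not (typ is int and isinstance(value, bool))


def validate_alert(alert: dict) -> list[str]:
    """Return the problems in one create_code_scanning_alert call; [] means valid."""
    known = {**ALERT_REQUIRED, **ALERT_OPTIONAL}
    errors = [f"missing required field '{n}'" for n in ALERT_REQUIRED if n not in alert]
    errors += [f"unknown field '{n}'" for n in alert if n not in known]
    errors += [f"field '{n}' must be {t.__name__}" for n, t in known.items()
               if n in alert and not _is(alert[n], t)]
    if _is(alert.get("severity"), str) and alert["severity"] not in SEVERITIES:
        errors.append("severity must be one of error|warning|note")
    suffix = alert.get("ruleIdSuffix")
    if _is(suffix, str) and not RULE_ID_SUFFIX.fullmatch(suffix):
        errors.append("ruleIdSuffix must match ^[a-zA-Z0-9_-]+$")
    return errors


def validate_hide_reason(reason) -> list[str]:
    """Check a hide_comment reason against the uppercase schema, hinting at the fix."""
    if reason in HIDE_REASONS:
        return []
    hint = ""
    if isinstance(reason, str) and reason.upper() in HIDE_REASONS:
        hint = f"; use '{reason.upper()}'"
    return [f"reason '{reason}' not accepted{hint}"]


# Constructed samples: the field names from the PR's example payload, and the same
# finding expressed with the names the review comments say the tool accepts.
PAGE_STYLE_ALERT = {
    "rule_id": "malicious-code-scanner/[CATEGORY]", "message": "Possible exfiltration",
    "severity": "error", "file_path": "src/upload.py", "start_line": 1,
    "description": "Secret read from the environment is sent to an external host",
}
FIXED_ALERT = {"file": "src/upload.py", "line": 1, "message": "Possible exfiltration",
               "severity": "error", "ruleIdSuffix": "exfiltration"}
```

Running `validate_alert(PAGE_STYLE_ALERT)` reports the two missing required fields and the four unknown ones, while `FIXED_ALERT` passes; `validate_hide_reason("spam")` points at `SPAM`.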
| name: "Repository Quality Improver" | ||
| "on": | ||
| schedule: | ||
| - cron: "7 5 * * 1-5" | ||
| # Friendly format: daily on weekdays (scattered) | ||
| workflow_dispatch: |
The PR description says it adds two workflows (ai-moderator.md and daily-malicious-code-scan.md), but this PR also adds repository-quality-improver.lock.yml (a separate workflow). Please update the PR description to reflect this additional workflow change, or move it to a separate PR if it’s unrelated.
| on: | ||
| schedule: | ||
| - cron: "37 */6 * * *" # Every 6 hours (based on minimum expires: 2 days) | ||
| - cron: "37 */2 * * *" # Every 2 hours (based on minimum expires: 1 days) |
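Review bot: these two schedules overlap: `37 */2 * * *` fires at minute 37 of every even hour, which already includes every hour that `37 */6 * * *` fires on (00, 06, 12 and 18), so at those four times the workflow is triggered twice. Keep only the 2-hour entry, or derive a single schedule from the smallest `expires` value, unless the duplicate runs are intended.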
Comment says "minimum expires: 1 days"; grammar should be singular ("1 day").
| - cron: "37 */2 * * *" # Every 2 hours (based on minimum expires: 1 days) | |
| - cron: "37 */2 * * *" # Every 2 hours (based on minimum expires: 1 day) |
Security & Moderation Agentic Workflows
This PR adds two security-focused workflows for automated content moderation and malicious code detection.
Workflows Added
- ai-moderator.md
- daily-malicious-code-scan.md

AI Moderator

spam, link-spam, ai-generated, ai-inspected)

Daily Malicious Code Scan
Part of the agentic workflows setup series.