[daily secrets] Daily Secrets Analysis — 2026-04-04

[github-actions[bot]]

🔐 Daily Secrets Analysis Report

Date: 2026-04-04
Workflow Files Analyzed: 181
Run: §23988693159

---

📊 Executive Summary

Metric	Value
secrets.* references	3,554
github.token references	747
Total secret references	4,301
Unique secret types	29
Workflows analyzed	181
Workflows using AI model keys	61 (34%)
Workflows using external services	7 (4%)

---

🛡️ Security Posture

Control	Status	Coverage
Redaction steps (redact_secrets.cjs)	✅ All workflows	181 / 181 (100%)
Explicit permissions: block	✅ All workflows	181 / 181 (100%)
Token fallback cascade	✅ Present	683 cascade usages
Secrets exposed in outputs:	✅ None found	0

Security posture is excellent: every compiled workflow has both a redaction step and an explicit permissions block. The token cascade pattern (GH_AW_GITHUB_MCP_SERVER_TOKEN || GH_AW_GITHUB_TOKEN || GITHUB_TOKEN) is consistently applied across 683 usage sites.

---

🎯 Key Findings

1. GitHub token triad dominates — GITHUB_TOKEN (1,960), GH_AW_GITHUB_TOKEN (1,872), and GH_AW_GITHUB_MCP_SERVER_TOKEN (1,019) together account for ~4,851 of all secret references, reflecting the standard fallback chain pattern used in every workflow.

2. Copilot engine key present — COPILOT_GITHUB_TOKEN appears 312 times across Copilot-engine workflows. This is a separate privileged token for Copilot API access and warrants periodic rotation review.

3. Multi-AI engine support — 61 workflows (34%) reference at least one AI provider key (ANTHROPIC_API_KEY ×164, OPENAI_API_KEY ×102, CODEX_API_KEY ×102, GEMINI_API_KEY ×4). All workflows with zero secrets: 0 — every compiled workflow uses at least one secret.

4. github.event.* in non-env contexts — 2,249 occurrences of github.event.* outside explicit env: blocks were observed. Investigation confirms these are in safe locations: if: conditions, concurrency group keys, and numeric event IDs (comment ID, issue number, PR number) — not unsafe string interpolation into run: steps. No template injection risk found.

5. External integrations are narrow — Only 7 workflows use third-party service secrets (Slack, Notion, Tavily, Brave, Datadog, Sentry, Azure). Low blast radius if any single integration key is compromised.

---

💡 Recommendations

1. Review COPILOT_GITHUB_TOKEN rotation cadence — With 312 usages across workflows, this is a high-value token. Ensure it follows at least a 90-day rotation policy.

2. Audit GH_AW_SIDE_REPO_PAT — Used 19 times; cross-repository PATs carry elevated risk. Verify it has the minimum required scope and is rotation-scheduled.

3. Monitor AI key sprawl — 4 distinct AI provider keys (Anthropic, OpenAI, Codex, Gemini) in active use. Consider centralizing AI access through a single proxy/gateway to reduce the key surface area.

---

🔑 Top 20 Secrets by Usage

Rank	Secret Name	Occurrences	Category
1	GITHUB_TOKEN	1,960	GitHub Token
2	GH_AW_GITHUB_TOKEN	1,872	GitHub Token (PAT)
3	GH_AW_GITHUB_MCP_SERVER_TOKEN	1,019	GitHub MCP Token
4	COPILOT_GITHUB_TOKEN	312	Copilot API Token
5	ANTHROPIC_API_KEY	164	AI Provider
6	OPENAI_API_KEY	102	AI Provider
7	CODEX_API_KEY	102	AI Provider
8	GH_AW_CI_TRIGGER_TOKEN	42	CI Automation
9	GH_AW_SIDE_REPO_PAT	19	Cross-repo PAT
10	TAVILY_API_KEY	15	External Service
11	GH_AW_PROJECT_GITHUB_TOKEN	9	GitHub Token (PAT)
12	NOTION_API_TOKEN	6	External Service
13	GH_AW_AGENT_TOKEN	6	Agent Token
14	GEMINI_API_KEY	4	AI Provider
15	BRAVE_API_KEY	4	External Service
16	DD_SITE	3	Observability
17	DD_APPLICATION_KEY	3	Observability
18	DD_API_KEY	3	Observability
19	SENTRY_OPENAI_API_KEY	2	Observability/AI
20	SENTRY_ACCESS_TOKEN	2	Observability

Remaining (low-use): GH_AW_OTEL_HEADERS, GH_AW_OTEL_ENDPOINT, CONTEXT, AZURE_TENANT_ID, AZURE_CLIENT_SECRET, AZURE_CLIENT_ID, SLACK_BOT_TOKEN, GH_AW_PLUGINS_TOKEN

📊 Secret Category Breakdown

Category	Secrets	Total Refs	% of Total
GitHub Tokens	GITHUB_TOKEN, GH_AW_GITHUB_TOKEN, GH_AW_GITHUB_MCP_SERVER_TOKEN, COPILOT_GITHUB_TOKEN, GH_AW_SIDE_REPO_PAT, GH_AW_PROJECT_GITHUB_TOKEN, GH_AW_AGENT_TOKEN, GH_AW_CI_TRIGGER_TOKEN, GH_AW_PLUGINS_TOKEN	~5,246	~76%
AI Providers	ANTHROPIC_API_KEY, OPENAI_API_KEY, CODEX_API_KEY, GEMINI_API_KEY	372	~5%
External Services	TAVILY_API_KEY, BRAVE_API_KEY, NOTION_API_TOKEN, SLACK_BOT_TOKEN, AZURE_*	~25	<1%
Observability	DD_API_KEY, DD_APPLICATION_KEY, DD_SITE, SENTRY_, GH_AW_OTEL_	~16	<1%
github.token (built-in)	—	747	~11%

🔍 Security Check Details

Redaction System: redact_secrets.cjs is present in all 181 workflows, ensuring secret values are scrubbed from logs before they are written.

Token Cascade Pattern: The 3-tier fallback secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN ensures graceful degradation. Found in 683 usages across workflow env blocks.

Secrets in outputs: blocks: None detected — secrets are never propagated through job output channels.

github.event.* usage analysis: 2,249 usages outside explicit env: assignments. All sampled instances are in safe contexts:

• Concurrency group keys (using numeric IDs: github.event.issue.number, github.run_id)
• if: condition expressions (evaluated server-side, not string-interpolated)
• env: variable assignments within step-level env maps

No template injection vulnerabilities identified.

Permissions blocks: All 181 workflows declare explicit permissions:, following least-privilege principle.

📖 Reference Documentation

• Secrets specification: scratchpad/secrets-yml.md
• Redaction system: actions/setup/js/redact_secrets.cjs
• Token cascade documentation: See AGENTS.md → "GitHub MCP Server" section

---

Generated: 2026-04-04T22:15 UTC
Workflow Run: §23988693159

Generated by Daily Secrets Analysis Agent · ● 377.3K · ◷

• expires on Apr 7, 2026, 10:18 PM UTC

[github-actions[bot]]

This discussion has been marked as outdated by Daily Secrets Analysis Agent.

A newer discussion is available at Discussion #24784.