📊 Agentic Workflow Lock File Statistics - January 31, 2026

[github-actions[bot]]

Executive Summary

• Total Lock Files: 147
• Total Size: 9.5 MB (9,991,598 bytes)
• Average File Size: 67 KB
• Analysis Date: 2026-01-31
• Repository: githubnext/gh-aw

This analysis examined all .lock.yml files in the .github/workflows/ directory to identify patterns, usage statistics, and structural characteristics of agentic workflows in this repository.

File Size Distribution

Size Range	Count	Percentage
< 10 KB	0	0%
10-50 KB	8	5.4%
50-100 KB	135	91.8%
> 100 KB	4	2.7%

Size Statistics:

• Smallest: codex-github-remote-mcp-test (24 KB)
• Largest: smoke-claude (111 KB)
• Average: 67 KB
• Median Range: 50-100 KB (91.8% of workflows)

Key Finding: The vast majority (91.8%) of workflows fall within the 50-100 KB range, indicating highly consistent structure and complexity across the repository.

Trigger Analysis

Most Popular Triggers

Trigger Type	Count	Percentage	Example Workflow
workflow_dispatch	129	87.8%	agent-performance-analyzer
schedule	104	70.7%	agent-performance-analyzer
issue_comment	14	9.5%	ai-moderator
pull_request	13	8.8%	archie
issues	13	8.8%	ai-moderator
discussion_comment	5	3.4%	—
discussion	4	2.7%	—
workflow_run	2	1.4%	—
push	1	0.7%	—

Trigger Combination Patterns

Number of Triggers	Workflows	Percentage	Pattern
2 triggers	97	66.0%	Most common: schedule + workflow_dispatch
1 trigger	30	20.4%	Single-purpose workflows
3 triggers	15	10.2%	Complex multi-trigger workflows
4+ triggers	1	0.7%	Highly versatile workflows
0 triggers	4	2.7%	Special/test workflows

Key Insight: 66% of workflows use exactly 2 triggers, typically combining scheduled automation with manual dispatch capability. This provides flexibility for both routine automation and ad-hoc execution.

View Schedule Patterns (Cron Expressions)

Most Common Schedule Patterns

Schedule (Cron)	Count	Description
0 14 * * 1-5	4	Daily at 2:00 PM UTC (weekdays)
0 13 * * 1-5	4	Daily at 1:00 PM UTC (weekdays)
0 11 * * 1-5	4	Daily at 11:00 AM UTC (weekdays)
0 9 * * 1-5	2	Daily at 9:00 AM UTC (weekdays)
0 10 * * 1-5	2	Daily at 10:00 AM UTC (weekdays)
0 15 * * 1-5	2	Daily at 3:00 PM UTC (weekdays)
0 16 * * 1-5	2	Daily at 4:00 PM UTC (weekdays)

Pattern: 104 workflows use scheduled triggers, with times scattered throughout the workday (weekdays only) to distribute load and provide continuous monitoring/reporting throughout business hours.

Safe Outputs Analysis

Safe Output Types Distribution

Type	Count	Percentage	Example Workflow
create-issue	113	76.9%	agent-performance-analyzer
create-discussion	108	73.5%	agent-performance-analyzer
create-pull-request	54	36.7%	agent-performance-analyzer
add-comment	34	23.1%	agent-performance-analyzer
update-issue	4	2.7%	—

Total unique safe output types: 5

Multiple Safe Outputs Per Workflow

• Workflows with 2+ safe output types: 110 (74.8%)
• Most versatile workflows: Support all 4 primary output types (issues, discussions, PRs, comments)

Key Finding: The majority of workflows (74.8%) are designed to produce multiple types of safe outputs, indicating sophisticated agents that can create issues for tracking, discussions for reporting, and pull requests for fixes - all from a single workflow run.

Structural Characteristics

Job Complexity

• Average Jobs per Workflow: 7.97 (~8 jobs)
• Average Steps per Job: 71.4 steps total per workflow (~9 steps per job)
• Maximum Jobs in Single Workflow: 14 jobs
• Maximum Steps in Single Workflow: 92 steps (copilot-pr-nlp-analysis)

Typical Lock File Structure

Based on statistical analysis, a typical .lock.yml file has:

• Size: ~67 KB
• Jobs: ~8 jobs (commonly: activation, agent, create-discussion, create-issue, create-pr, add-comment, etc.)
• Steps per Workflow: ~71 steps total
• Permissions: Read access to contents, issues, and pull requests
• Triggers: 2 triggers (typically schedule + workflow_dispatch)
• Timeout: ~21 minutes average
• MCP Servers: GitHub + SafeOutputs (standard configuration)

Timeout Configuration

• Average Timeout: 21 minutes
• Workflows with Explicit Timeout: 146/147 (99.3%)

Pattern: Nearly all workflows specify explicit timeouts, averaging 21 minutes, which provides adequate time for agent execution while preventing runaway processes.

MCP Server & Tool Patterns

Most Used MCP Servers

MCP Server	Count	Percentage
github	147	100%
safeoutputs	140	95.2%
brave-search	2	1.4%

Universal Pattern: All workflows use the github MCP server for GitHub API access. 95.2% use the safeoutputs server, which provides the safe output creation tools (create-discussion, create-issue, etc.). Only 2 workflows use additional MCP servers like brave-search for web search capabilities.

Interesting Findings

1. Highly Standardized Architecture

The repository demonstrates remarkable consistency:

• 91.8% of files are 50-100 KB
• Average of 8 jobs per workflow
• Standard MCP server configuration (GitHub + SafeOutputs)

This indicates a well-established workflow template and best practices.

2. Automation-First with Manual Override

87.8% of workflows support workflow_dispatch (manual trigger), while 70.7% run on a schedule. The combination pattern (66% use exactly 2 triggers) shows a design philosophy of "automate by default, manual when needed."

3. Multi-Modal Output Capabilities

74.8% of workflows can produce multiple types of outputs (issues, discussions, PRs). This suggests sophisticated agents that adapt their output format based on findings:

• Issues: For actionable items requiring tracking
• Discussions: For reports and analyses
• Pull Requests: For automated fixes
• Comments: For contextual updates

4. Weekday-Only Scheduling

All scheduled workflows use 1-5 (Monday-Friday) in their cron expressions, avoiding weekend runs. Times are scattered throughout the day (9 AM - 4 PM UTC) to distribute load.

5. Consistent Naming Pattern

Workflow names follow clear patterns:

• daily-* for scheduled daily reports
• *-analyzer for analysis workflows
• *-checker for validation workflows
• smoke-* for testing workflows

Recommendations

1. Template Consolidation Opportunity

Given the high standardization (91.8% same size range, ~8 jobs each), consider creating official workflow templates to:

• Reduce duplication
• Ensure consistent best practices
• Simplify maintenance

2. MCP Server Expansion

Only 1.4% of workflows use additional MCP servers beyond the standard GitHub + SafeOutputs. Consider:

• Documenting available MCP servers
• Creating examples for web search, database, or other integrations
• Expanding agent capabilities with specialized tools

3. Load Balancing Optimization

While schedules are scattered, there's clustering at certain hours (11 AM, 1 PM, 2 PM UTC). Consider:

• Further distributing schedule times
• Implementing workflow prioritization
• Monitoring GitHub Actions runner capacity

4. Documentation of Safe Output Patterns

With 110 workflows supporting multiple output types, document best practices for:

• When to create issues vs. discussions
• How to structure reports for different output types
• Error handling across output types

5. Permission Audit

Consider implementing a permission audit workflow to:

• Track which workflows need which permissions
• Identify over-permissioned workflows
• Ensure least-privilege principles

Methodology

Analysis Tools

• Bash scripts: For file discovery, parsing, and pattern extraction
• awk/grep/sed: For YAML structure analysis and data aggregation
• Cache Memory: Used for script persistence at /tmp/gh-aw/cache-memory/

Data Sources

• Lock Files Analyzed: 147
• Location: .github/workflows/*.lock.yml
• Total Data Processed: 9.5 MB

Reproducibility

All analysis scripts have been saved to /tmp/gh-aw/cache-memory/scripts/ for future runs:

• analyze_lockfiles.sh - Main analysis orchestrator
• extract_triggers.sh - Trigger pattern extraction
• extract_detailed_stats.sh - Detailed statistics generation
• extract_permissions_fixed.sh - Permission and safe output parsing
• extract_more_details.sh - Additional metadata extraction

Historical Tracking

Analysis results saved to /tmp/gh-aw/cache-memory/history/2026-01-31.json for trend tracking in future analyses.

References:

• §21546216645

AI generated by Lockfile Statistics Analysis Agent

• expires on Feb 7, 2026, 3:00 PM UTC

[github-actions[bot]]

This discussion was automatically closed because it expired on 2026-02-07T15:00:20.838Z.