[daily secrets] Daily Secrets Analysis - February 18, 2026

[github-actions[bot]]

Daily automated scan of secret usage across all 152 compiled workflow files (.lock.yml). All 152 workflows have redaction enabled and explicit permission blocks — the security posture remains strong.

Key Metrics

Metric	Value
Workflow files analyzed	152
Total secrets.* references	5,097
github.token references	390
Unique secret types	24
Workflows with redaction	152 / 152 (100%)
Token cascade instances	473
Explicit permission blocks	152 / 152 (100%)
Secrets exposed in job outputs	0 ✅
Workflows with sanitization	146 / 152

Secret Type Distribution

#	Secret Name	Occurrences	Category
1	GITHUB_TOKEN	1,640	GitHub Auth
2	GH_AW_GITHUB_TOKEN	1,615	GitHub Auth
3	GH_AW_GITHUB_MCP_SERVER_TOKEN	772	GitHub Auth
4	COPILOT_GITHUB_TOKEN	506	GitHub Auth
5	CLAUDE_CODE_OAUTH_TOKEN	185	AI Engine
6	ANTHROPIC_API_KEY	185	AI Engine
7	OPENAI_API_KEY	68	AI Engine
8	CODEX_API_KEY	68	AI Engine
9	TAVILY_API_KEY	15	External Service
10	NOTION_API_TOKEN	6	External Service

View All 24 Secret Types

Secret Name	Occurrences	Category
GITHUB_TOKEN	1,640	GitHub Auth
GH_AW_GITHUB_TOKEN	1,615	GitHub Auth
GH_AW_GITHUB_MCP_SERVER_TOKEN	772	GitHub Auth
COPILOT_GITHUB_TOKEN	506	GitHub Auth
CLAUDE_CODE_OAUTH_TOKEN	185	AI Engine
ANTHROPIC_API_KEY	185	AI Engine
OPENAI_API_KEY	68	AI Engine
CODEX_API_KEY	68	AI Engine
TAVILY_API_KEY	15	External Service
NOTION_API_TOKEN	6	External Service
GH_AW_PROJECT_GITHUB_TOKEN	6	GitHub Auth
GH_AW_AGENT_TOKEN	4	GitHub Auth
BRAVE_API_KEY	4	External Service
DD_SITE	3	External Service
DD_APPLICATION_KEY	3	External Service
DD_API_KEY	3	External Service
SENTRY_OPENAI_API_KEY	2	External Service
SENTRY_ACCESS_TOKEN	2	External Service
CONTEXT7_API_KEY	2	External Service
AZURE_TENANT_ID	2	External Service
AZURE_CLIENT_SECRET	2	External Service
AZURE_CLIENT_ID	2	External Service
SLACK_BOT_TOKEN	1	External Service
GH_AW_BOT_DETECTION_TOKEN	1	GitHub Auth

Category Totals:

• GitHub Auth tokens: 4,544 (89.2%)
• AI Engine tokens: 506 (9.9%)
• External Service tokens: 47 (0.9%)

Security Posture

✅ Redaction System: 152/152 workflows (100%) include secret redaction steps
✅ Permission Blocks: 152/152 workflows (100%) have explicit permissions: definitions
✅ Token Cascade Pattern: 473 instances of GH_AW_GITHUB_MCP_SERVER_TOKEN || GH_AW_GITHUB_TOKEN || GITHUB_TOKEN fallback chains — ensures graceful degradation
✅ No Secrets in Outputs: 0 instances of secrets leaked into job outputs
✅ Input Sanitization: 146/152 workflows use sanitized inputs to prevent injection

View Security Check Details

Template Injection Risk Assessment

1,897 uses of github.event.* expressions were found outside of env: blocks. These are expected in activation job conditions and if/step conditionals, but should not be used directly in shell scripts. The safe-inputs system handles sanitization of user-supplied content (title, body, text) for 146/152 workflows.

6 workflows without explicit sanitization steps may handle only non-user-supplied event data (e.g., scheduled workflows, internal triggers). This warrants a review to confirm none process untrusted user input directly.

Secret Exposure Checks

• Secrets in job outputs: 0 — no secrets are forwarded to job outputs ✅
• Direct shell interpolation: All secrets are passed via environment variables, not directly interpolated in run scripts ✅
• Cascade fallback tokens: The 3-tier fallback (GH_AW_GITHUB_MCP_SERVER_TOKEN || GH_AW_GITHUB_TOKEN || GITHUB_TOKEN) is consistent across 473 usages, ensuring workflows always have a valid token ✅

Trends (vs. Feb 17, 2026)

The previous run (Feb 17) reported a similar profile. Secret types and counts remain stable. No new secret types introduced, no unusual deviations detected.

Recommendations

1. Review 6 workflows without sanitization — confirm they process only non-user-supplied event data and don't expose injection vectors.
2. Audit AZURE_* secrets — Azure credentials (CLIENT_ID, CLIENT_SECRET, TENANT_ID) appear in only 2 workflows each; verify they are scoped to minimal permissions.
3. Monitor SENTRY_OPENAI_API_KEY — combination of Sentry + OpenAI key suggests a specific integration; confirm it's intentionally scoped.

Reference Documentation

• Secrets specification: scratchpad/secrets-yml.md
• Redaction system: actions/setup/js/redact_secrets.cjs

References:

• §22155669819

AI generated by Daily Secrets Analysis Agent

• expires on Feb 21, 2026, 8:09 PM UTC

[github-actions[bot]]

This discussion was automatically closed because it expired on 2026-02-21T20:09:18.972Z.

Closed by Workflow