You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Target Workflow: security-review (Daily Security Review and Threat Modeling)
Source report: Daily Copilot Token Usage Analyzer run #29186588360 Estimated AIC per run: 104.671 Estimated total tokens per run: ~104,700 Runtime: 10.9 minutes GitHub API calls: 11 Schedule: Daily at 06:51 UTC
This file content enters the context as tool_result messages and stays for the rest of the session, consuming ~26,700 input tokens every single run — regardless of what actually changed in those files.
Instead of having the agent cat large files, extract only the security-relevant sections in a pre-agent step and pass a summary. The agent doesn't need the full entrypoint.sh — it needs the capability-drop section, the chroot setup, and the DNS config.
Implementation — add to the steps: block in security-review.md:
Estimated reduction: entrypoint.sh from 16,500 tokens → ~2,000 tokens (extracted sections); setup-iptables.sh from 6,100 → ~1,500 tokens.
### 2. Remove Unused `mcp-pagination.md` Import
**Estimated savings: ~800 tokens/run (~0.8%)**
The `shared/mcp-pagination.md` import (3,225 chars, ~800 tokens) provides guidance for paginating GitHub MCP responses. The security review workflow uses `bash` for all data gathering and only calls GitHub MCP for `code_security` and `repos` toolsets with small responses (11 API calls total). Pagination guidance is not needed.
**Implementation** — remove from `security-review.md` frontmatter:
```yaml
# Remove this block:
imports:
- shared/mcp-pagination.md
The current Phase 2 bash block runs grep -r --include="*.ts" -l across all of src/ to find files related to network, injection risks, and Docker. This returns file lists which are low-signal. Replace with targeted searches for the specific patterns that matter:
# Only show lines with actual shell injection risk, not just file lists
grep -rn --include="*.ts"'execa\|spawn\|exec(' src/ | grep -v '.test.ts'| head -20
grep -n 'eval\|\$\(\|`' containers/agent/entrypoint.sh | head -20
The prompt requests a full Evidence Collection section with all commands and outputs. This drives large output tokens (the discussion body). Change the requirement to a concise summary:
Current:
### 📋 Evidence Collection
All commands run with their outputs (collapsed sections for brevity).
Improved:
### 📋 Key Evidence
Only include commands whose output directly supports a finding. Omit commands with null results.
5. Reduce Discussion Output Frequency
Estimated savings: 104 AIC every other day (~50% of current cost)
This is the most impactful structural recommendation. Full STRIDE threat modeling of a stable codebase does not change meaningfully day-to-day. Consider:
Change schedule from daily to weekly (cron: 51 6 * * 1 — Mondays)
Or keep daily but alternate: full review weekly, incremental diff review daily
Implementation:
# In security-review.md frontmatter:on:
schedule: weekly # was: dailyworkflow_dispatch:
Expected Impact
Metric
Current
Projected
Savings
Total tokens/run
~104,700
~75,000
~-28%
File reading tokens
~26,700
~3,500
~-87%
Import tokens
~800
0
-100%
AIC/run
104.671
~75
~-28%
Monthly AIC (daily)
~3,140
~2,250 (daily) / ~320 (weekly)
-28% to -90%
Implementation Checklist
Add Extract security-critical code sections step to steps: in security-review.md
Update Phase 2 prompt to reference pre-extracted files instead of cat-ing originals
Remove imports: - shared/mcp-pagination.md from frontmatter
Target Workflow:
security-review(Daily Security Review and Threat Modeling)Source report: Daily Copilot Token Usage Analyzer run #29186588360
Estimated AIC per run: 104.671
Estimated total tokens per run: ~104,700
Runtime: 10.9 minutes
GitHub API calls: 11
Schedule: Daily at 06:51 UTC
Current Configuration
github(toolsets: repos, code_security),bash,cache-memorygithub/tmp/gh-aw/escape-test-summary.txtmcp-pagination.md)containers/agent/entrypoint.sh— 65,929 chars (~16,500 tokens)Root Cause: Massive In-Agent File Reading
The workflow prompts the agent to run a single large bash block that
cats entire source files:This file content enters the context as tool_result messages and stays for the rest of the session, consuming ~26,700 input tokens every single run — regardless of what actually changed in those files.
Recommendations
1. Move File Pre-processing to
steps:(Pre-Agent)Estimated savings: ~20,000–25,000 tokens/run (~20–25%)
Instead of having the agent
catlarge files, extract only the security-relevant sections in a pre-agent step and pass a summary. The agent doesn't need the fullentrypoint.sh— it needs the capability-drop section, the chroot setup, and the DNS config.Implementation — add to the
steps:block insecurity-review.md:Then update the Phase 2 prompt to reference these pre-extracted files instead of running
caton the originals:For full file content of a specific section, use targeted grep with context:
grep -n -A20 'pattern' containers/agent/entrypoint.sh3. Scope the Evidence-Gathering Bash Block
Estimated savings: ~3,000–5,000 tokens/run (~3–5%)
The current Phase 2 bash block runs
grep -r --include="*.ts" -lacross all ofsrc/to find files related to network, injection risks, and Docker. This returns file lists which are low-signal. Replace with targeted searches for the specific patterns that matter:Current (verbose):
Improved (targeted):
4. Reduce Output Size: Collapse Evidence Section
Estimated savings: ~2,000–4,000 output tokens/run (~2–4%)
The prompt requests a full Evidence Collection section with all commands and outputs. This drives large output tokens (the discussion body). Change the requirement to a concise summary:
Current:
### 📋 Evidence Collection All commands run with their outputs (collapsed sections for brevity).Improved:
### 📋 Key Evidence Only include commands whose output directly supports a finding. Omit commands with null results.5. Reduce Discussion Output Frequency
Estimated savings: 104 AIC every other day (~50% of current cost)
This is the most impactful structural recommendation. Full STRIDE threat modeling of a stable codebase does not change meaningfully day-to-day. Consider:
dailytoweekly(cron:51 6 * * 1— Mondays)Implementation:
Expected Impact
Implementation Checklist
Extract security-critical code sectionsstep tosteps:insecurity-review.mdcat-ing originalsimports: - shared/mcp-pagination.mdfrom frontmattergrep -r -lsearches with targeted line-levelgrepcommandsdailytoweeklygh aw compile .github/workflows/security-review.mdWarning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpgSee Network Configuration for more information.