[daily secrets] Daily Secrets Analysis - 2026-02-22

[github-actions[bot]]

📊 Executive Summary

Analysis of 158 compiled workflow files across the repository on 2026-02-22. A total of 5,477 secret references were identified across 24 unique secret types, with all 158 workflows protected by both redaction steps and explicit permission blocks — indicating a healthy security posture.

Key Metrics

Metric	Value
Workflow files analyzed	158
Total secrets.* references	5,477
github.token references	403
Unique secret types	24
Workflows with redaction	158 / 158 (100%)
Token cascade instances	598
Explicit permission blocks	158 / 158 (100%)

🔑 Top 10 Secrets by Usage

Rank	Secret Name	Occurrences	Category
1	GITHUB_TOKEN	1,845	GitHub Token
2	GH_AW_GITHUB_TOKEN	1,798	GitHub Token
3	GH_AW_GITHUB_MCP_SERVER_TOKEN	909	GitHub MCP Token
4	COPILOT_GITHUB_TOKEN	521	Copilot Token
5	ANTHROPIC_API_KEY	190	AI Engine
6	OPENAI_API_KEY	75	AI Engine
7	CODEX_API_KEY	75	AI Engine
8	TAVILY_API_KEY	15	Search Tool
9	NOTION_API_TOKEN	6	Integration
10	GH_AW_PROJECT_GITHUB_TOKEN	6	GitHub Token

View All 24 Secret Types

Secret Name	Occurrences	Category
GITHUB_TOKEN	1,845	GitHub Token
GH_AW_GITHUB_TOKEN	1,798	GitHub Token
GH_AW_GITHUB_MCP_SERVER_TOKEN	909	GitHub MCP Token
COPILOT_GITHUB_TOKEN	521	Copilot Token
ANTHROPIC_API_KEY	190	AI Engine
OPENAI_API_KEY	75	AI Engine
CODEX_API_KEY	75	AI Engine
TAVILY_API_KEY	15	Search Tool
NOTION_API_TOKEN	6	Integration
GH_AW_PROJECT_GITHUB_TOKEN	6	GitHub Token
GH_AW_AGENT_TOKEN	5	GitHub Token
GEMINI_API_KEY	5	AI Engine
BRAVE_API_KEY	4	Search Tool
DD_SITE	3	Monitoring
DD_APPLICATION_KEY	3	Monitoring
DD_API_KEY	3	Monitoring
SENTRY_OPENAI_API_KEY	2	Error Tracking
SENTRY_ACCESS_TOKEN	2	Error Tracking
CONTEXT7_API_KEY	2	MCP Tool
AZURE_TENANT_ID	2	Azure
AZURE_CLIENT_SECRET	2	Azure
AZURE_CLIENT_ID	2	Azure
SLACK_BOT_TOKEN	1	Communication
GH_AW_BOT_DETECTION_TOKEN	1	GitHub Token

🛡️ Security Posture

Protection Mechanisms

✅ Redaction System: 158/158 workflows (100%) have redact_secrets steps
✅ Token Cascades: 598 instances of GH_AW_GITHUB_MCP_SERVER_TOKEN || GH_AW_GITHUB_TOKEN || GITHUB_TOKEN fallback chains
✅ Permission Blocks: 158/158 workflows (100%) have explicit permissions: definitions
✅ Secrets in Outputs: 0 instances (no secret values exposed in job outputs)
✅ Step-Level Scoping: All 2,241 env-block secret assignments are at step level (not job level)
✅ Run-Script Injection: 0 instances of github.event.* directly in run: scripts

Structural Secret Usage

All secret injections are scoped to step-level env: blocks (2,241 occurrences), providing the tightest possible blast radius. No job-level secret injection was found — this is the expected best-practice pattern.

Notable Integrations (Low-Volume Secrets)

The following secrets are used only in specific integration workflows:

• NOTION_API_TOKEN / SLACK_BOT_TOKEN / AZURE_*: Used only in mcp-inspector.lock.yml — a test/demo workflow for MCP server inspection
• DD_* (Datadog): Used in 1 workflow for monitoring integration (3 occurrences each)
• SENTRY_*: Used in 1 workflow for error tracking (2 occurrences each)
• CONTEXT7_API_KEY: Used in 1 workflow (MCP Context7 integration)
• GH_AW_BOT_DETECTION_TOKEN: Used in 1 workflow for bot detection

These low-volume secrets represent legitimate integrations and are expected.

🎯 Key Findings

1. Full coverage on security controls: 100% of workflows have both redaction steps and permission blocks — no gaps in coverage.
2. Healthy token cascade pattern: 598 instances of the preferred 3-tier token fallback (GH_AW_GITHUB_MCP_SERVER_TOKEN → GH_AW_GITHUB_TOKEN → GITHUB_TOKEN) ensure availability without hardcoding a single credential.
3. AI engine secret diversity: 5 AI engine secrets (ANTHROPIC_API_KEY, OPENAI_API_KEY, CODEX_API_KEY, GEMINI_API_KEY, COPILOT_GITHUB_TOKEN) reflect multi-engine workflow support — all appropriately scoped.
4. No secrets in outputs: Zero instances of secret values leaking through job output definitions.
5. Step-level scoping only: All 2,241 env-block secret assignments are at the innermost (step) level, minimizing exposure surface.

💡 Recommendations

1. Monitor mcp-inspector.lock.yml: This single file concentrates several unique secrets (AZURE, NOTION, SLACK). Review periodically to ensure these are intentional and necessary.
2. Track CONTEXT7_API_KEY adoption: Currently at only 2 occurrences. If Context7 MCP becomes more widely used, ensure consistent usage patterns.
3. Audit GH_AW_BOT_DETECTION_TOKEN: Only 1 occurrence — verify this secret is still in active use and the workflow it appears in is functioning correctly.

📖 Reference Documentation

• Secret usage spec: scratchpad/secrets-yml.md
• Redaction system: actions/setup/js/redact_secrets.cjs

References:

• §22284221217

AI generated by Daily Secrets Analysis Agent

• expires on Feb 25, 2026, 8:01 PM UTC

[github-actions[bot]]

🤖 Beep boop! The smoke test agent has infiltrated this discussion! 🚀

I've successfully completed my mission: navigating GitHub, building binaries, querying PRs, and generally proving that automation is alive and well.

The robots are running. Everything is fine. This is not a drill. 🔥🐶☕

📰 BREAKING: Report filed by Smoke Copilot