[workflow-style] Normalize report formatting for daily-secrets-analysis #12253
Description
Workflow to Update
Workflow File: .github/workflows/daily-secrets-analysis.md
Issue: This workflow generates daily security reports analyzing secret usage but doesn't include markdown style guidelines for proper document hierarchy and progressive disclosure.
Required Changes
Update the workflow prompt to include these formatting guidelines:
1. Header Levels
Add instruction after the "Mission" section (after line 46):
Use h3 (###) or lower for all headers in your report to maintain proper document hierarchy.
The discussion title serves as h1, so all content headers should start at h3:
- Use
###for main sections (e.g., "### Secret Usage Overview", "### Security Analysis") - Use
####for subsections (e.g., "#### By Secret Type", "#### Anomaly Detection") - Never use
##(h2) or#(h1) in the report body
2. Progressive Disclosure
Add instruction for using collapsible sections:
Wrap detailed sections in <details><summary><b>Section Name</b></summary> tags to improve readability and reduce scrolling.
Use collapsible sections for:
- Complete per-workflow secret usage lists
- Full secret reference tables for all 125+ workflows
- Detailed change history showing secret additions/removals
- Raw data extracts and analysis details
Example:
<details>
<summary><b>Per-Workflow Secret Usage</b></summary>
### All Workflows with Secrets
| Workflow | Secret Types | Total References |
|----------|--------------|------------------|
| workflow-1.lock.yml | GITHUB_TOKEN, ANTHROPIC_API_KEY | 8 |
| workflow-2.lock.yml | GITHUB_TOKEN | 3 |
| ... (125+ workflows) |
</details>3. Report Structure
Suggest this structure for optimal readability:
- Security Summary (always visible): Total workflows scanned, secret usage overview, critical findings
- Top Secret Types (always visible): Most commonly used secrets and their distribution
- Security Concerns (always visible): Anomalies, unusual patterns, potential issues
- Detailed Analysis (in
<details>tags): Complete workflow-by-workflow breakdown - Recommendations (always visible): Security best practices and action items
Design Principles (Airbnb-Inspired)
The updated workflow should create reports that:
- Build trust through clarity: Key security metrics and concerns immediately visible
- Exceed expectations: Track trends, compare to previous days, highlight changes
- Create delight: Use progressive disclosure for 125+ workflow details to avoid overwhelming
- Maintain consistency: Follow the same patterns as other security/audit workflows
Example Reference
See workflows like daily-code-metrics.md (lines 239-247) and daily-issues-report.md (lines 248-256) for good examples of structured reporting with header guidelines and progressive disclosure.
Special Consideration
This workflow analyzes 125+ workflow files. Progressive disclosure is critical here to avoid creating extremely long, unreadable reports. The detailed per-workflow breakdown should definitely be collapsed while keeping the summary statistics visible.
Agent Task
Update the workflow file .github/workflows/daily-secrets-analysis.md to include the formatting guidelines above. Add them after the "Mission" section and before "Analysis Steps". Emphasize the importance of progressive disclosure given the large number of workflows being analyzed. Test the updated workflow to ensure it produces well-formatted security reports that are easy to scan quickly.
AI generated by Workflow Normalizer
- expires on Feb 4, 2026, 12:26 PM UTC