[workflow-style] Normalize report formatting for daily-secrets-analysis #13274

@github-actions

Workflow File: .github/workflows/daily-secrets-analysis.md

This workflow performs daily secret scanning and generates security reports but doesn't include markdown style guidelines, which can lead to inconsistent formatting and poor readability for critical security information.

Required Changes

Update the workflow prompt to include these formatting guidelines:

1. Header Levels

Add instruction: "Use h3 (###) or lower for all headers in your report to maintain proper document hierarchy."

Security reports need clear structure. All content headers should start at h3:

  • Use ### for main sections (e.g., "### Security Summary", "### Detected Secrets")
  • Use #### for subsections (e.g., "#### High-Risk Findings", "#### Remediation Steps")
  • Never use ## (h2) or # (h1) in the report body

2. Progressive Disclosure

Add instruction: "Wrap long sections in <details><summary><b>Section Name</b></summary> tags to improve readability and reduce scrolling."

Use collapsible sections for:

  • Detailed secret detection logs
  • Full file paths and line numbers
  • Verbose scanning tool output
  • Historical comparison data

Keep critical security alerts visible! Example:

### ⚠️ Critical Findings
- 3 high-risk secrets detected (action required)

<details>
<summary><b>View Full Detection Details</b></summary>

[Complete scanning logs and detected patterns...]

</details>

3. Report Structure

Suggest a structure like:

  1. Security summary (always visible): Count of secrets, severity breakdown, urgent actions
  2. Critical findings (always visible): High-risk detections requiring immediate attention
  3. Detailed scan results (in <details> tags): Per-file analysis, scanning tool logs
  4. Remediation guidance (always visible): Clear steps to fix issues

Design Principles (Airbnb-Inspired)

The updated workflow should create reports that:

  1. Build trust through clarity: Critical security issues immediately visible
  2. Exceed expectations: Add context like trends, false positive guidance, remediation tips
  3. Create delight: Use progressive disclosure so security teams can quickly assess and act
  4. Maintain consistency: Follow the same patterns as other reporting workflows

Example Reference

See workflows like audit-workflows.md for good examples of structured reporting with proper progressive disclosure.

Agent Task

Update the workflow file .github/workflows/daily-secrets-analysis.md to include the formatting guidelines above. Test to ensure well-formatted, actionable security reports.

AI generated by Workflow Normalizer

  • expires on Feb 9, 2026, 12:31 PM UTC
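
One way to test a generated report against the three guidelines above, as an added example (not part of this issue or the project's code). The function name `lint_report`, the rule that any header containing "critical" must stay outside `<details>`, and both sample reports are assumptions constructed for illustration.

```python
import re

FENCE = re.compile(r"^\s*(`{3}|~{3})")
HEADER = re.compile(r"^(#{1,6})\s+\S")
SUMMARY = re.compile(r"<summary>\s*<b>.+?</b>\s*</summary>", re.I)

def lint_report(markdown):
    """Return (line_number, message) pairs for guideline violations."""
    problems, in_fence, depth, pending = [], False, 0, None
    lines = markdown.splitlines()
    for n, line in enumerate(lines, 1):
        if FENCE.match(line):
            in_fence = not in_fence
            continue
        if in_fence:
            continue  # a '#' inside a code fence is not a header
        low = line.lower()
        if pending and line.strip():  # first non-blank line after <details>
            if not SUMMARY.search(line):
                problems.append((pending, "<details> has no <summary><b>..</b></summary>"))
            pending = None
        m = HEADER.match(line)
        if m and len(m.group(1)) < 3:
            problems.append((n, "header above h3"))
        if m and depth and "critical" in low:
            problems.append((n, "critical section hidden inside <details>"))
        if "<details" in low:
            depth += 1
            if not SUMMARY.search(line):
                pending = n  # summary may follow on the next line
        if "</details>" in low:
            if depth:
                depth -= 1
            else:
                problems.append((n, "</details> without <details>"))
    if depth:
        problems.append((len(lines), "unclosed <details>"))
    return problems

# Constructed sample reports (not real scan output).
GOOD = ("### Security Summary\n- 3 high-risk secrets detected (action required)\n\n"
        "<details>\n<summary><b>View Full Detection Details</b></summary>\n\n"
        "~~~\n# scanner comment, not a header\n~~~\n\n</details>\n")
BAD = ("## Daily Secrets Report\n<details>\nScan output\n"
       "### Critical Findings\n- 3 high-risk secrets")

if __name__ == "__main__":
    for name, report in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, lint_report(report))
```
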
