Skip to content

Fix workflow prompts: Clarify noop tool must be called, not just described#12434

Merged
pelikhan merged 4 commits intomainfrom
copilot/debug-malicious-code-scan
Jan 29, 2026
Merged

Fix workflow prompts: Clarify noop tool must be called, not just described#12434
pelikhan merged 4 commits intomainfrom
copilot/debug-malicious-code-scan

Conversation

Copy link
Contributor

Copilot AI commented Jan 29, 2026
edited
Loading

Daily malicious code scan agent completed successfully but produced no safe outputs. Agent wrote completion message in text output but never invoked the noop tool.

Root Cause

Prompt said "Use the noop output to log completion" - ambiguous whether to call the tool or write descriptive text. Agent chose wrong interpretation.

Changes

Updated workflow prompts in daily-malicious-code-scan.md and breaking-change-checker.md:

Before:

### If no suspicious patterns are found:
- Use the `noop` output to log completion:

No breaking changes detected...

After:

### If no suspicious patterns are found (REQUIRED):
- **YOU MUST CALL** the `noop` tool to log completion
- This is a **required safe output** - the workflow will fail if you don't call it
- Call the tool with this message structure:
```json
{
  "noop": {
    "message": "No breaking changes detected..."
  }
}
  • DO NOT just write this message in your output text - you MUST actually invoke the noop tool

Also added critical reminder section before final instruction emphasizing tool invocation is required, not optional.

<!-- START COPILOT ORIGINAL PROMPT -->



<details>

<summary>Original prompt</summary>

> 
> ----
> 
> *This section details on the original issue you should resolve*
> 
> <issue_title>[agentics] Daily Malicious Code Scan Agent failed</issue_title>
> <issue_description>### Workflow Failure
> 
> **Workflow:** [Daily Malicious Code Scan Agent](#)  
> **Branch:** main  
> **Run URL:** https://github.com/githubnext/gh-aw/actions/runs/21464620429
> 
> 
> **⚠️ No Safe Outputs Generated**: The agent job succeeded but did not produce any safe outputs. This typically indicates:
> - The safe output server failed to run
> - The prompt failed to generate any meaningful result
> - The agent should have called `noop` to explicitly indicate no action was taken
> 
> 
> 
> ### Action Required
> 
> Debug this workflow failure using the `agentic-workflows` agent:
> 
> ```
> /agent agentic-workflows
> ```
> 
> When prompted, instruct the agent to debug this workflow failure.
> 
> 
> > Generated from [Daily Malicious Code Scan Agent](https://github.com/githubnext/gh-aw/actions/runs/21464620429)
> > - [x] expires <!-- gh-aw-expires: 2026-02-05T03:40:08.238Z --> on Feb 5, 2026, 3:40 AM UTC
> 
> <!-- gh-aw-agentic-workflow: Daily Malicious Code Scan Agent, gh-aw-tracker-id: malicious-code-scan, run: https://github.com/githubnext/gh-aw/actions/runs/21464620429 --></issue_description>
> 
> ## Comments on the Issue (you are @copilot in this section)
> 
> <comments>
> </comments>
> 


</details>



<!-- START COPILOT CODING AGENT SUFFIX -->

- Fixes githubnext/gh-aw#12433

<!-- START COPILOT CODING AGENT TIPS -->
---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our [2 minute survey](https://gh.io/copilot-coding-agent-survey).

Copilot AI and others added 2 commits January 29, 2026 03:56
@pelikhan
Fix daily malicious code scan workflow to emphasize noop tool usage
43679ce 
- Add explicit "CALL" instruction for create_code_scanning_alert tool
- Emphasize noop tool is REQUIRED when no threats found
- Add warning that workflow WILL FAIL without tool call
- Clarify that writing text output is NOT sufficient
- Add critical reminder section before final instruction
- Update success criteria to emphasize tool call requirement

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Fix breaking-change-checker workflow to emphasize noop tool usage
edcbf8c 
- Change "Output a noop message" to "YOU MUST CALL the noop tool"
- Add explicit JSON format example for tool call
- Add warning that workflow will fail without tool call
- Clarify that writing text output is NOT sufficient

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] Debug failure in daily malicious code scan agent Fix workflow prompts: Clarify noop tool must be called, not just described Jan 29, 2026
Copilot AI requested a review from pelikhan January 29, 2026 04:05
@pelikhan pelikhan marked this pull request as ready for review January 29, 2026 04:11
@pelikhan pelikhan merged commit ad56a69 into main Jan 29, 2026
52 checks passed
@pelikhan pelikhan deleted the copilot/debug-malicious-code-scan branch January 29, 2026 04:11
@github-actions github-actions bot mentioned this pull request Jan 29, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@pelikhan pelikhan pelikhan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pelikhan