[ci-scan] Helix "Send to Helix" task reports failure but all work items pass

[github-actions]

Caution

Security scanning requires review for CI Outer-Loop Failure Scanner

Details

The threat detection results could not be parsed. The workflow output should be reviewed before merging.

Review the workflow run logs for details.

Build Information

Multiple outer-loop pipelines report failed builds because the "Send to Helix" task exits with a failure code, yet all Helix work items complete successfully with exit code 0.

Affected Pipelines (observed 2026-05-10)

Pipeline	Definition	Build	Failed Jobs (all with 0 failed work items)
runtime-coreclr gcstress-extra	113	1414611	osx arm64, linux arm64, linux x64
runtime-coreclr r2r-extra	114	1414689	linux arm64 R2R
runtime-coreclr libraries-pgo	145	1414905	linux-x64 Release
gc-standalone	146	1414855	GCStandAlone linux x64
runtime-interpreter	316	1413625	osx arm64, windows x64, linux x64

Reproduction

1. Fetch the timeline for any affected build.
2. Find the Job with result == "failed" whose only failed Task is Send tests to Helix.
3. Extract Helix job IDs from the task log (Sent Helix Job: <GUID>).
4. Query https://helix.dot.net/api/jobs/{jobId}/workitems?api-version=2019-06-17 — all work items show ExitCode: 0.

Impact

These false positives cause outer-loop pipelines to appear broken when all tests actually passed. This masks real failures and generates noise in CI dashboards.

Generated by CI Outer-Loop Failure Scanner

Note

🔒 Integrity filter blocked 1 item

The following item was blocked because it doesn't meet the GitHub integrity level.

• #92468 search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

To allow these resources, lower min-integrity in your GitHub frontmatter:

tools:
  github:
    min-integrity: approved  # merged | approved | unapproved | none

Generated by CI Outer-Loop Failure Scanner · ● 49.6M · ◷