Skip to content

Add agent governance policy and CI workflow with artifact scanning#2186

Closed
toptiersalespro wants to merge 2 commits into
github:mainfrom
toptiersalespro:ooda/agent-gov-ci
Closed

Add agent governance policy and CI workflow with artifact scanning#2186
toptiersalespro wants to merge 2 commits into
github:mainfrom
toptiersalespro:ooda/agent-gov-ci

Conversation

@toptiersalespro

Copy link
Copy Markdown

…acts (OODA plan)

Pull Request Checklist

  • I have read and followed the CONTRIBUTING.md guidelines.
  • I have read and followed the Guidance for submissions involving paid services.
  • My contribution adds a new instruction, prompt, agent, skill, workflow, or canvas extension file in the correct directory.
  • The file follows the required naming convention.
  • The content is clearly structured and follows the example format.
  • I have tested my instructions, prompt, agent, skill, workflow, or canvas extension with GitHub Copilot.
  • I have run npm start and verified that README.md is up to date.
  • I am targeting the main branch for this pull request.

Description


Type of Contribution

  • New instruction file.
  • New prompt file.
  • New agent file.
  • New plugin.
  • New skill file.
  • New agentic workflow.
  • New canvas extension.
  • Update to existing instruction, prompt, agent, plugin, skill, workflow, or canvas extension.
  • Other (please specify):

Additional Notes


By submitting this pull request, I confirm that my contribution abides by the Code of Conduct and will be licensed under the MIT License.

…acts (OODA plan)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings July 2, 2026 01:40
@github-actions github-actions Bot added new-submission PR adds at least one new contribution workflow PR touches workflow automation labels Jul 2, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds initial governance and CI scaffolding intended to evaluate agent-related changes and produce scan artifacts for the awesome-copilot repository.

Changes:

  • Adds a repository governance policy YAML describing allowed/blocked skills and enforcement expectations.
  • Introduces a new PR-triggered GitHub Actions workflow to run “agentic evaluation” (currently via a PowerShell stub runner).
  • Adds a PowerShell script to run the acquire-codebase-knowledge scan and write a JSON report.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 6 comments.

File Description
scripts/scan-repo.ps1 Adds a repo scan script that writes acquire-codebase-knowledge output to reports/.
governance/agent-policy.yaml Defines an initial allow/block policy for agent skills and tool/secrets constraints.
.github/workflows/agentic-eval.yml Adds a PR workflow to run skill validation and then a stub “agentic eval” runner.
.github/scripts/run-agentic-eval.ps1 Adds a stub runner that tries to locate an eval runner script and otherwise exits successfully.

@@ -0,0 +1,20 @@
# Stub runner: try known paths for an agentic-eval runner; fall back to skill validate
$repoRoot = (Resolve-Path "..\..").Path
Comment on lines +16 to +19
} else {
Write-Output "No agentic-eval runner found. Falling back to skill:validate (already run in workflow)."
Write-Output "This workflow is a draft/stub. Implement agentic-eval runner under skills/agentic-eval/scripts or eng/ to enable full evaluation."
exit 0
Comment thread .github/workflows/agentic-eval.yml Outdated
Comment on lines +16 to +19
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
Comment thread scripts/scan-repo.ps1
Comment on lines +9 to +10
python .\skills\acquire-codebase-knowledge\scripts\scan.py | Out-File -Encoding utf8 reports\acquire_scan.json
if ($?) { Write-Output "Scan complete: reports\acquire_scan.json" } else { Write-Error "Scan failed" }
Comment on lines +16 to +17
blocked_skills:
- auto-apply-code-changes-unreviewed
@toptiersalespro

Copy link
Copy Markdown
Author

Requesting review from CODEOWNERS and maintainers: this PR adds agent governance policy, agentic-eval CI workflow stub, and scan artifacts as part of the OODA M1 rollout. Please review and approve or provide feedback. See session plan at path: C:/Users/kylet/.copilot/session-state/a5e15630-5ec8-4de8-8905-a46f60bb89b7/plan.md

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings July 2, 2026 01:50

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.

Comment on lines +16 to +20
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'

Comment on lines +27 to +28
- name: Run agentic-eval (stub runner)
run: pwsh -File .github/scripts/run-agentic-eval.ps1
Comment on lines +2 to +6
$repoRoot = (Resolve-Path "..\..").Path
Write-Output "Repo root: $repoRoot"

$pyRunner = Join-Path $repoRoot "skills\agentic-eval\scripts\run.py"
$nodeRunner = Join-Path $repoRoot "eng\run-agentic-eval.mjs"
Comment on lines +16 to +20
} else {
Write-Output "No agentic-eval runner found. Falling back to skill:validate (already run in workflow)."
Write-Output "This workflow is a draft/stub. Implement agentic-eval runner under skills/agentic-eval/scripts or eng/ to enable full evaluation."
exit 0
}
Comment thread scripts/scan-repo.ps1
Comment on lines +5 to +12
Push-Location $RepoPath
if (!(Test-Path reports)) { New-Item -ItemType Directory -Path reports > $null }

# Run the built-in acquire-codebase-knowledge scan and save JSON output
python .\skills\acquire-codebase-knowledge\scripts\scan.py | Out-File -Encoding utf8 reports\acquire_scan.json
if ($?) { Write-Output "Scan complete: reports\acquire_scan.json" } else { Write-Error "Scan failed" }

Pop-Location
@aaronpowell aaronpowell closed this Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

new-submission PR adds at least one new contribution workflow PR touches workflow automation

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants