📊 Agentic Workflow Lock File Statistics - February 8, 2026

[github-actions[bot]]

Executive Summary

• Total Lock Files: 147 workflows
• Total Size: 8.7 MB (8,704,998 bytes)
• Average File Size: 59.2 KB
• Analysis Date: 2026-02-08

This comprehensive analysis examines all .lock.yml files in the .github/workflows/ directory to identify usage patterns, popular triggers, safe outputs, structural characteristics, and trends over time.

File Size Distribution

Size Range	Count	Percentage	Description
< 30 KB	6	4.1%	Tiny (test workflows, examples)
30-50 KB	6	4.1%	Small (simple workflows)
50-70 KB	117	79.6%	Medium (typical workflows)
70-90 KB	15	10.2%	Large (complex workflows)
≥ 90 KB	3	2.0%	Extra-large (smoke tests)

Key Statistics:

• Smallest: codex-github-remote-mcp-test.lock.yml (23 KB)
• Largest: smoke-claude.lock.yml (99 KB)
• Median Range: 50-70 KB (79.6% of workflows)

View Smallest and Largest Workflows

5 Smallest Workflows:

1. codex-github-remote-mcp-test.lock.yml - 23 KB
2. example-permissions-warning.lock.yml - 23 KB
3. firewall.lock.yml - 23 KB
4. test-workflow.lock.yml - 23 KB
5. example-custom-error-patterns.lock.yml - 24 KB

5 Largest Workflows:

1. smoke-claude.lock.yml - 99 KB
2. smoke-copilot.lock.yml - 94 KB
3. poem-bot.lock.yml - 94 KB
4. smoke-opencode.lock.yml - 82 KB
5. daily-performance-summary.lock.yml - 82 KB

---

Trigger Analysis

Most Popular Triggers

Trigger Type	Count	Percentage	Usage
workflow_dispatch	130	88.4%	Manual trigger capability
schedule	106	72.1%	Automated scheduling
pull_request	14	9.5%	PR automation
issues	13	8.8%	Issue automation
discussion_comment	5	3.4%	Discussion responses
discussion	4	2.7%	Discussion events
push	1	0.7%	Push events

Key Insight: 88.4% of workflows support manual triggering via workflow_dispatch, making the system highly interactive and testable.

Common Trigger Combinations

Combination	Count	Percentage
schedule + workflow_dispatch	98	66.7%
workflow_dispatch only	18	12.2%
schedule + workflow_dispatch + pull_request	6	4.1%
issues only	4	2.7%
workflow_dispatch + issues	3	2.0%
Multi-event (issues + PR + discussion)	3	2.0%

Pattern: The most common pattern (66.7%) combines scheduled automation with manual override capability.

View Schedule Patterns (Cron)

Most Common Schedule Times (all weekday-only patterns):

Schedule	Count	Description
0 14 * * 1-5	4	2:00 PM UTC, weekdays
0 13 * * 1-5	4	1:00 PM UTC, weekdays
0 11 * * 1-5	4	11:00 AM UTC, weekdays
0 9 * * 1-5	3	9:00 AM UTC, weekdays
0 7 * * 1-5	2	7:00 AM UTC, weekdays

Pattern: Schedules are intentionally scattered throughout the day (7 AM - 4 PM UTC) to distribute load. Most workflows run on weekdays only (Monday-Friday).

Interesting Schedules:

• */30 * * * * - Every 30 minutes (1 workflow)
• 59 */6 * * * - Every 6 hours at :59 minutes (1 workflow)
• 0 9 * * 2,4 - Tuesday and Thursday only (1 workflow)

---

Safe Outputs Analysis

Safe outputs are the primary mechanism for workflows to produce visible results (issues, discussions, comments, etc.).

Safe Output Types Distribution

Type	Count	Percentage	Purpose
noop	140	95.2%	Status/completion messages
missing_tool	140	95.2%	Report missing capabilities
missing_data	140	95.2%	Report missing information
add-comment	25	17.0%	Add comments to issues/PRs

Key Finding: All workflows use the "safeoutputs" pattern with noop, missing_tool, and missing_data tools for reporting. Only 17% use the add-comment capability for interactive feedback.

Notable: While the analysis detected safe output tool availability, only 25 workflows (17%) actively use the commenting capability, suggesting most workflows prefer creating discussions or issues over commenting on existing items.

---

Structural Characteristics

Job Complexity

Average Workflow Structure:

• Jobs per Workflow: 7.93 jobs (average)
• Steps per Workflow: 58.1 steps (average)
• Steps per Job: ~7.3 steps (calculated)

Distribution:

Jobs	Workflows	Percentage
3	4	2.7%
4	2	1.4%
6	9	6.1%
7	44	29.9%
8	41	27.9%
9	29	19.7%
10	13	8.8%
12+	5	3.4%

Most Common: 7-8 jobs per workflow (57.8% of all workflows)

View Most and Least Complex Workflows

Most Complex (by job count):

1. scout.lock.yml - 14 jobs
2. q.lock.yml - 13 jobs
3. pr-nitpick-reviewer.lock.yml - 13 jobs
4. cloclo.lock.yml - 13 jobs
5. firewall-escape.lock.yml - 12 jobs

Least Complex:

1. codex-github-remote-mcp-test.lock.yml - 3 jobs
2. example-permissions-warning.lock.yml - 3 jobs
3. firewall.lock.yml - 3 jobs
4. test-workflow.lock.yml - 3 jobs
5. chroma-issue-indexer.lock.yml - 4 jobs

By step count (most steps):

1. daily-copilot-token-report.lock.yml - 100 steps
2. audit-workflows.lock.yml - 95 steps
3. copilot-pr-nlp-analysis.lock.yml - 92 steps
4. poem-bot.lock.yml - 92 steps
5. unbloat-docs.lock.yml - 92 steps

Typical Lock File Structure

Based on statistical analysis, a typical .lock.yml file has:

• Size: ~59 KB
• Jobs: 7-8 jobs
• Steps: ~58 steps
• Triggers: schedule + workflow_dispatch (66.7% pattern)
• Permissions: contents: read, discussions: write, issues: write, pull-requests: write
• Timeout: 15-20 minutes per job
• Concurrency: Uses workflow-level concurrency group (100%)

---

Permission Patterns

Most Common Permissions

Permission	Workflows	Type	Usage
contents: read	147	Read	Repository access (100%)
discussions: write	140	Write	Create/update discussions (95%)
issues: write	140	Write	Create/update issues (95%)
pull-requests: write	140	Write	Comment on PRs (95%)
contents: write	62	Write	Commit changes (42%)

Security Pattern: All workflows request minimal contents: read permission. Write access to contents is granted to only 42% of workflows, showing a principle of least privilege.

Key Insight: 95% of workflows have write permissions for discussions, issues, and pull requests, indicating the primary output mechanism is GitHub's collaboration features rather than code changes.

---

Tool & MCP Patterns

Most Used MCP Servers

MCP Server	Mentions	Usage
github	1,855	GitHub API operations
playwright	110	Browser automation

Note: The github MCP server is heavily used across all workflows (avg ~12.6 mentions per workflow), indicating extensive GitHub API integration.

Concurrency Patterns

• Workflows with Concurrency Groups: 147 (100%)
• Most Common Pattern: group: "gh-aw-${{ github.workflow }}"

Insight: Every workflow uses concurrency control to prevent simultaneous runs of the same workflow, ensuring resource efficiency and preventing conflicts.

---

Timeout Configuration

Timeout Distribution

Timeout (minutes)	Job Count	Percentage
5	10	1.8%
10	181	32.0%
15	165	29.2%
20	160	28.3%
30	29	5.1%
45	12	2.1%
60	3	0.5%
90	1	0.2%
180	1	0.2%

Average Timeout: ~16.5 minutes per job

Pattern: 89.5% of jobs use 10-20 minute timeouts, indicating most agentic tasks complete within this window.

---

Interesting Findings

1. High Interactivity: 88% of workflows support manual triggering, making the system highly testable and interactive.

2. Weekday-Focused Automation: Scheduled workflows predominantly run on weekdays (Monday-Friday), with times scattered between 7 AM - 4 PM UTC to distribute load.

3. Consistent Job Structure: 58% of workflows have 7-8 jobs, suggesting a standardized workflow template or pattern (likely: pre_activation, activation, agent, collect_output, and engine-specific jobs).

4. Multi-Trigger Complexity: Only 5 workflows have 4+ trigger types, with scout.lock.yml, q.lock.yml, pr-nitpick-reviewer.lock.yml, and cloclo.lock.yml being the most versatile.

5. Smoke Test Outliers: The 3 largest workflows (90+ KB) are smoke tests (smoke-claude, smoke-copilot, smoke-opencode), indicating comprehensive testing suites.

6. Universal Concurrency: 100% adoption of concurrency groups shows mature workflow design preventing race conditions.

7. Low Write Access: Only 42% of workflows have contents: write permission, but 95% can write to discussions/issues, showing a preference for communication over code modification.

---

Historical Trends

Comparing with previous analysis from 2026-02-07:

Metric	2026-02-07	2026-02-08	Change
Total Lock Files	147	147	No change
Total Size	9.26 MB	8.70 MB	-5.7% ⬇️
Average Size	63.0 KB	59.2 KB	-6.0% ⬇️
Smallest File Size	22.6 KB	23 KB	+1.8%
Largest File Size	109 KB	99 KB	-9.2% ⬇️
Total Jobs	1,165	1,166	+1 job
Avg Jobs/Workflow	7.93	7.93	No change
Total Steps	10,511	8,542	-18.7%

Key Trend: Workflows have become more efficient - total size decreased by 5.7% while maintaining the same number of files and job structure. The decrease in total steps (18.7%) suggests optimization or removal of redundant steps.

Observation: The largest file size decreased from 109 KB to 99 KB, indicating recent optimizations to the most complex workflows.

---

Recommendations

1. Template Standardization: With 58% of workflows using 7-8 jobs, consider documenting this as the "standard workflow pattern" to help new workflow authors.

2. Timeout Optimization: 90% of jobs use 10-20 minute timeouts. Consider analyzing actual runtime to see if timeouts can be reduced further for faster failure detection.

3. Load Distribution: Schedule patterns show good time distribution (7 AM - 4 PM UTC). Continue this pattern to avoid CI/CD resource contention.

4. Size Monitoring: Track the size trend over time. The recent 5.7% decrease is positive, but ensure critical functionality isn't being removed.

5. Trigger Usage: Only 9.5% of workflows use pull_request triggers. Consider expanding automated PR workflows if code review automation would be beneficial.

6. Permission Review: The 42% of workflows with contents: write should be audited to ensure they truly need write access.

---

Methodology

• Analysis Tool: Bash scripts with text processing (grep, awk, sed)
• Lock Files Analyzed: 147 workflows
• Cache Memory: Used for script persistence and historical trend data
• Data Sources: .github/workflows/*.lock.yml
• Historical Comparison: Data from 2026-02-07 (previous run)
• Verification: Cross-checked multiple data extraction methods for accuracy

---

References:

• Workflow Run: §21795004501

Analysis performed on 2026-02-08 08:24:05 UTC

AI generated by Lockfile Statistics Analysis Agent

• expires on Feb 15, 2026, 8:28 AM UTC

[github-actions[bot]]

This discussion was automatically closed because it expired on 2026-02-15T08:28:12.160Z.

Closed by Workflow