CMOtech Canada - Technology news for CMOs & marketing decision-makers
Canada
International Women’s Day
385 opinions Read now

Guides

#
ai agents
#
customer data platforms
#
customer experience
#
digital signage
#
marketing automation

Search

Software engineer with secure robotic arms ai automation setup
#
Supply Chain
#
Risk & Compliance
#
Open source

GitHub unveils Agentic Workflows for safer AI automation

Sun, 15th Feb 2026
Author image
By Karen Joy Bacudo, Finance Editor

GitHub has released a technical preview of Agentic Workflows, an open-source GitHub Next project that runs intent-driven automation inside repositories using GitHub Actions and coding agents.

The project is aimed at recurring tasks that still require human judgment, such as issue triage, investigating continuous integration failures, fixing documentation drift, and maintaining code hygiene. Workflows are written in plain Markdown and executed within GitHub Actions.

How it works

Agentic Workflows run alongside existing GitHub Actions. A repository maintainer writes a Markdown file describing the desired outcome, then runs the workflow on a schedule or via a manual trigger.

Depending on configuration, workflows can use different coding agent engines, including Copilot CLI, Claude Code, and OpenAI Codex. GitHub Actions serves as the execution layer, providing logging, auditing, and access to repository context.

Each workflow includes configuration for triggers, permissions, tools, and allowed outputs. The agent instructions live in Markdown, and a lock file is used for execution within GitHub Actions.

Guardrails

GitHub Next has made guardrails a core requirement for running agents continuously in repositories. Workflows default to read-only permissions. Any write operations require explicit approval through what GitHub calls "safe outputs."

Safe outputs map to pre-approved GitHub operations, such as creating a pull request or adding a comment to an issue. The design also includes sandboxed execution, tool allowlisting, and network isolation. GitHub Next positions these measures as protections against unintended behaviour and prompt injection.

The team contrasted this approach with running coding-agent command-line tools directly inside standard GitHub Actions YAML workflows. It argues that direct execution can grant broader permissions than a task needs, while Agentic Workflows enforce tighter constraints and clearer review points.

Repository report

One example workflow generates a daily status report for maintainers. It collects recent activity across issues, pull requests, discussions, releases, and code changes, then produces recommendations and next steps with links to relevant threads.

The example runs on a schedule with read access to repository contents, issues, and pull requests. It uses safe outputs that allow it to create a GitHub issue with a specific title prefix and labels.

Early users

GitHub Next says it has used Agentic Workflows internally in an intensive "dogfooding" program. The team built the project in Go despite limited prior experience, then created a daily workflow called "go-fan" to provide continuous feedback on the code and system.

GitHub has also highlighted use by open-source maintainers and enterprises. Home Assistant maintainer and Lead Engineer Frenck Nijhof has used the workflows for large-scale issue analysis across the project. He called it "judgment amplification that actually helps maintainers".

Carvana is using Agentic Workflows across multiple repositories, according to GitHub. Its engineering leadership cited controls and adaptability as key reasons for deploying the tooling more broadly across its codebase.

Alex Devkard, SVP of Engineering and Analytics at Carvana, claims that the "flexibility and built-in controls" are what give him the confidence to deploy Agentic Workflows across their complex systems, and the company is already employing them across various repositories.

Continuous AI

GitHub Next links the project to a broader research effort it calls Continuous AI. The concept puts AI-driven tasks into an ongoing loop within the software development lifecycle, distinct from build, test, and release pipelines.

GitHub says Agentic Workflows augment existing CI/CD rather than replace it. It distinguishes deterministic workflows, such as compilation and test runs, from more subjective work that maintainers still handle manually, including triage and ongoing quality improvements.

GitHub also notes that running coding agents can add billing costs. For Copilot with default settings, it says a typical run incurs two premium requests: one for the agentic work and one for a guardrail check via safe outputs.

GitHub Next describes the technical preview as part of broader work to manage rising volumes of contributions and maintenance tasks in what it calls the AI era, with further experimentation expected as teams test how continuous, agent-driven workflows fit their repository practices.

Related stories
B2B marketers struggle to manage brand visibility in AI
Hiswai launches Zuno AI chat to power smarter websites
Trust, transformation and the women leading modern client partnerships
Anthropic unveils new metric to gauge AI job exposure
LiveRamp unveils AI agents for data-driven marketing

Top stories

Salesforce unveils Agentforce AI tools for healthcare
Origami launches chat-based AI tool for sales leads
OpenAI unveils GPT-5.4 with advanced computer use tools
Global Day of Unplugging pushes brands to cut noise
Dell email mixes payment-style header with promos