[Board Audit] Board Health Report — 2026-03-17

[github-actions]

Project: zircote/projects/1 | Repos scanned: 22 | Run: 23190430733

⚠️ Board API Unavailable: The GitHub App (zircote-org-monitor) lacks Projects: Read/Write permission for the user-level project. Direct board column reads, mismatch detection, and board item cross-referencing could not be performed. Full board audit requires granting this permission. See CLAUDE.md note under "Medium Priority (P2)".

---

Board Summary

Column	Known Items	Note
To Do	—	Board unreadable (403 Projects API)
In Progress	—	Board unreadable (403 Projects API)
Done	—	Board unreadable (403 Projects API)

Actions Taken

Action	Count
Mismatched items fixed	0 (board unreadable)
Missing items added	0 (board unreadable)
Items flagged for review	9

---

Items Needing Manual Review

The following actionable open items were identified across managed repos. Verify board placement and column assignment manually.

Item	Repo	Recommended Column	Priority	Reason
#153 Security: AWS Access Key exposed	subcog	In Progress	🔴 CRITICAL	AWS key publicly exposed 80+ hrs, zero remediation — revoke immediately
PR #4 ci: bump gh-aw 0.56.2→0.58.3	github-project-manager	In Progress	🔴 High	Fixes Agentic Maintenance CI failure; 5-min merge — quick win
PR #94 ci: bump upload-artifact v4→v7	atlatl	In Progress	🔴 High	Resolves CI failure from upload-artifact breaking change (~20d old)
#10 SDLC Audit: 3 critical violation(s)	sdlc-quality	To Do	🟠 Medium	Score 86/100, 2 critical SDLC violations, open since 2026-01-26
PR #191 deps: bump @redocly/cli 2.20.4→2.21.1	atlatl-spec	In Progress	🟠 Medium	Dependabot dep bump open; spec pages deployment blocked on redocly version
PR #141 ci: bump download-artifact 8.0.0→8.0.1	rlm-rs	In Progress	🟡 Low	Dependabot bump — review CI status before merging (CI broken on main)
#157 feat: User-to-curated memory linking	atlatl-spec	To Do	🟡 Low	Medium priority feature spec work
#46 Daily QA failed (recurring)	adrscope	To Do	🟡 Low	Recurring agentic workflow failure — no discussion categories configured
#16 Daily Documentation Review failed	lro-bench	To Do	🟡 Low	Secret verification failure recurring — check COPILOT_GITHUB_TOKEN configuration

---

Repository Scan Summary

Repo	Open Issues	Open PRs	Notable
zircote/.github	14	0	Automated reports + aw-failure trackers
zircote/subcog	1	5+	🚨 Security alert #153 unresolved
zircote/atlatl-spec	3+	1	Feature issues #155–#157; redocly dep bump
zircote/adrscope	5	0	Recurring Daily QA agentic failures
zircote/rlm-rs	2	2	CI Failure Doctor failed; CI broken after dependabot merge
zircote/lro-bench	2	0	Documentation Review failures (secret config issue)
zircote/MIF	3	0	Automated no-op trackers only
zircote/sdlc-quality	1	0	Compliance audit: 86/100, open since Jan 26
zircote/git-adr	2	0	Automated no-op trackers only
zircote/github-project-manager	0	1	PR #4 ready to merge (gh-aw bump)
zircote/atlatl	0	1	PR #94 upload-artifact v4→v7 fix
zircote/daedalus	1	0	Automated no-op tracker
homebrew-tap, ccpkg, refactor, human-voice, rlm-rs-plugin, memory-capture-plugin, documentation-review, adr, structured-madr, vscode-git-adr	0	0	No open issues

---

Recommended Follow-Up

1. Grant Projects: Read/Write to zircote-org-monitor GitHub App — required for future board audits to function. See .github/gpm-config.yml project URL: https://github.com/users/zircote/projects/1.
2. Revoke subcog AWS credentials immediately — subcog#153 is 80+ hours old with zero response.
3. Merge github-project-manager PR [agentics] Org Repository Monitor failed #4 — clears an ongoing CI failure in under 5 minutes.
4. Review atlatl PR [Review Nudge] Review Status — 2026-03-04 #94 — upload-artifact v4→v7 resolves a 20-day CI failure.

---

Generated by maintenance-board workflow — https://github.com/zircote/.github/actions/runs/23190430733

Generated by Maintenance Board · ◷

[github-actions]

This issue is being closed as outdated. A newer issue has been created: #342

View newer issue

---

This action was performed automatically by the Maintenance Board workflow.