📊 Copilot Token Usage Report2026-04-10

[github-actions]

Overview

Period: 2026-04-08T23:01Z to 2026-04-10T10:34Z (~35.5 hours)
Runs analyzed: 26 total checked; 5 directly measured (token data), 22 estimated via sampling (Secret Digger)
Total estimated tokens: ~21.9M across all workflows
Estimated total cost: ~$43.32

⚠️ Secret Digger (Copilot) dominates cost: 22 hourly runs (7 failures, 15 successes) account for an estimated ~$41.18 of the daily spend — ~95% of all AI inference cost.
📝 New token tracking: Smoke Services and Build Test Suite had token-usage.jsonl only on the chore/upgrade-ghaw-v0.68.0 PR branch (new gh-aw v0.68.0). Main-branch runs of these workflows do not yet produce token data. Smoke Copilot produces no token-usage.jsonl even with --enable-api-proxy (see gap section).

---

Workflow Summary

Workflow	Runs	Total Tokens	Est. Cost	Cache Rate	I/O Ratio	Top Model
Secret Digger (Copilot)	22 (estimated)	~20.9M	~$41.18	33–47%	118–225:1	claude-sonnet-4.6
Build Test Suite	1	705K	$1.46	40.1%	121:1	claude-sonnet-4.6
Smoke Services	1	336K	$0.68	39.7%	307:1	claude-sonnet-4.6
TOTAL	~26	~21.9M	~$43.32	—	—	—

Pricing: Copilot provider — input $2.50/M, output $10/M, cache_read $1.25/M
Secret Digger sampled 3 of 22 runs (1 failure + 2 successes); estimates use weighted averages.

---

🔍 Optimization Opportunities

1. Secret Digger (Copilot) — High failure cost (12.5× difference)

   • Failure runs average 31 requests / $5.03 vs success runs at 2–5 requests / $0.29–$0.57
   • 7 failures × $5.03 = ~$35.21 of the estimated ~$41.18 total — failures account for ~86% of Secret Digger spend
   • Reducing failures from 7/day to 1–2/day could save ~$25–30/day
   • Recommendation: Investigate the root cause of Secret Digger failures. Consider adding early-exit logic to cap retries at 5–10 requests before returning a failure signal.

2. Secret Digger (Copilot) — High I/O ratio (118–225:1)

   • Input + cache_read tokens dwarf output across all sampled runs, typical of security scanners but worth reviewing
   • The growing context window pattern from previous report (33.9K→69.9K tokens over 32 turns) persists
   • Recommendation: Review whether the system prompt or tool schemas can be trimmed; consider compressing conversation history after each completed file scan.

3. Smoke Services — Very high I/O ratio (307:1)

   • 201K input / 133K cache_read vs only 1,092 output tokens — the workflow asks for a lot but gets very little back
   • Recommendation: Review what MCP tools are loaded at startup; Smoke Services may be loading unused browser tools similar to Smoke Copilot.

4. Moderate cache hit rates across all workflows (33–47%)

   • No workflow achieves the >80% cache hit rate that explicit prompt caching can provide
   • Recommendation: Review whether cache_control breakpoints are set in system prompts and large static tool schemas. All workflows currently rely on automatic server-side caching only (cache_write_tokens: 0 in all samples).

Per-Workflow Details

Secret Digger (Copilot) — Sampled Runs

Run ID	Conclusion	Requests	Tokens	Cache Rate	I/O Ratio	Cost
§24213936643	❌ failure	31	2,579K	46.9%	225:1	$5.03
§24211490707	✅ success	5	279K	38.9%	193:1	$0.57
§24196334848	✅ success	2	103K	33.0%	118:1	$0.22

Estimated from 3-run sample: $5.03/failure and $0.40/success on average.
Applied to all 22 runs (7 failures + 15 successes): ~$41.18 estimated total.

All requests via copilot provider, model claude-sonnet-4.6, streaming=true.

Build Test Suite

• Run: §24222066749 — chore/upgrade-ghaw-v0.68.0 branch, ✅ success
• Requests: 9 (all streaming)
• Model: claude-sonnet-4.6 via copilot provider
• Tokens: 705K total
  • Input: 418.9K (59.4%)
  • Output: 5.8K (0.8%)
  • Cache read: 280.4K (39.8%)
  • Cache write: 0K
• Cache hit rate: 40.1%
• I/O ratio: 121:1
• Avg latency: 7,781ms/request
• Estimated cost: $1.46
• Time range: 2026-04-10T01:42 – 2026-04-10T01:44

Smoke Services

• Run: §24222066738 — chore/upgrade-ghaw-v0.68.0 branch, ❌ failure
• Requests: 6 (all streaming)
• Model: claude-sonnet-4.6 via copilot provider
• Tokens: 336K total
  • Input: 201.8K (60.1%)
  • Output: 1.1K (0.3%)
  • Cache read: 133.0K (39.6%)
  • Cache write: 0K
• Cache hit rate: 39.7%
• I/O ratio: 307:1
• Avg latency: 4,360ms/request
• Estimated cost: $0.68
• Time range: 2026-04-10T01:42 – 2026-04-10T01:43

Workflows Without Token Data

The following workflows were checked but produced no token-usage.jsonl:

Workflow	Runs	Reason
Smoke Copilot	3 (main/PR)	--enable-api-proxy used but no api-proxy-logs/token-usage.jsonl in firewall-audit-logs artifact — possible logging gap when routing through DIFC proxy (--difc-proxy-host)
Smoke Services (main branch)	2	Runs on main branch use older gh-aw without token tracking
Smoke Copilot (PR branch)	2	No token-usage.jsonl despite --enable-api-proxy (same DIFC proxy gap)
Build Test Suite (main branch)	1	No token data on main branch run
Smoke Chroot	2	No artifacts uploaded — likely doesn't use --enable-api-proxy
Agentic Maintenance	4	No artifacts — runs without AWF/api-proxy
Documentation Maintainer	1	No artifacts uploaded
Firewall Issue Dispatcher	2	No api-proxy-logs in artifacts
Plan Command	1	skipped status

🐛 Smoke Copilot logging gap: smoke-copilot uses --enable-api-proxy but token-usage.jsonl is missing from its firewall-audit-logs artifact. The DIFC proxy (--difc-proxy-host) may be intercepting requests before they reach the api-proxy token tracker, or the cli-proxy is bypassing the token-tracker middleware. The cli-proxy-logs/access.log is present but api-proxy-logs/token-usage.jsonl is absent in all sampled runs.

---

Historical Trend

Date	Est. Cost	Est. Tokens	Main Cost Driver	Notes
2026-04-10	~$43.32	~21.9M	Secret Digger (22 runs, 7 fail)	PR branch: +Build Test + Smoke Services
2026-04-08	$6.54	3,356K	Secret Digger (1 run, 1 fail)	Most runs pending PR approval
2026-04-07	$19.82	10,202K	Multiple	High PR activity day
2026-04-05	$2.02	1,399K	Pelis Agent Factory	api-proxy data
2026-04-04	$1.16	752K	Secret Digger Copilot	Single run

📈 Trend note: Today's estimated $43.32 appears much higher than the previous day's $6.54, but this is primarily because the reporting window is 35.5 hours (vs 24h) and captures 22 Secret Digger runs (it runs hourly). At a normalized daily rate, Secret Digger alone costs ~$28/day. The failure rate (7/22 = 32%) is the key driver — reducing failures to <10% would reduce daily cost to ~$8.

Previous Report

Issue #1818 — 2026-04-08

References:

• §24238680823 — this report's workflow run
• §24213936643 — Secret Digger failure, $5.03
• §24222066749 — Build Test Suite, $1.46

Generated by Daily Copilot Token Usage Analyzer · ● 5.1M · ◷

[github-actions]

This issue is being closed as outdated. A newer issue has been created: #1900

View newer issue

---

This action was performed automatically by the Daily Copilot Token Usage Analyzer workflow.