[integrity-audit] AI Moderator workflow probes chatgpt.com / ab.chatgpt.com #26474

@lpcox

Problem

The Integrity Filtering Audit (source issue) identified that the AI Moderator workflow makes outbound connection attempts to chatgpt.com and ab.chatgpt.com, which are blocked by the Agent Workflow Firewall (AWF).

Evidence

From runs 24418807601 and 24420822519:

⚠️ Warning: I tried to connect to the following addresses, but was blocked by firewall rules:
- chatgpt.com
- ab.chatgpt.com

The connections are blocked (the firewall is working correctly), but the fact that the code attempts these connections at all warrants investigation.

Analysis

  • The AI Moderator workflow likely has an npm dependency that phones home to chatgpt.com / ab.chatgpt.com — possibly an OpenAI SDK or related package performing telemetry, analytics, or configuration fetches.
  • api.openai.com is in the workflow's network allow list (presumably intentional for the moderation API), but chatgpt.com and ab.chatgpt.com are not.
  • The workflow runs successfully despite the blocks, suggesting these are non-critical telemetry or analytics calls.

Recommended Actions

  1. Audit npm dependencies in the AI Moderator workflow for any package that contacts chatgpt.com or ab.chatgpt.com. Check OpenAI SDK configuration for telemetry opt-out.
  2. Determine intent: If these calls are telemetry/analytics from an SDK, disable them via environment variable or configuration (e.g., OPENAI_LOG=off or similar).
  3. Review api.openai.com: Confirm whether it should remain in the allow list or be routed through the MCP Gateway for auditability.
  4. Consider adding chatgpt.com to a deny-log list so future probes are tracked without silently failing.
