Modifications needed for AppSecWorkflow automations

Having worked triage rotation this week for appsec and used the new traiger dashboard, I observed the following behavior that should be investigated and corrected:

• This MR is for PSIRT but is using a template that asks them to add AppSecWorkflow::new which leads to these issues appearing in our APPSEC->Pinged (New) queue in the dashboard when they are for PSIRT.

  • Additionally, this should not be an SLA breach because Kat responded within our SLA.

• This MR Is showing in both Pinged (New) and Custom SAST queues in the dashboard, not sure why When the thread that pinged AppSec for SAST rule violations is resolved, automation should change appsec-sast-ping to resolved and, if the AppSecWorkflow label is set, this label should be moved to complete

• [This MR](https://docs.google.com/document/d/1nBCwW7zTEmXdwUipj9LdSoPUXAxoEksRP8iS82old18/edit#2087 - feat: add OAuth2 authentication flow for MCP server connections) has AppSecResolutoinSLA::breached so it is showing under Pinged (new) -> Breached. The AppSecWorkflow::complete label has been applied, so I would expect it to disappear from the Pinged (new) queue in the dashboard.

• The following Issues were marked AppSecWorkflow::complete but are still in Pinged (New) queue in the dashboard. I believe they should no longer show up in this queue:

  • #519611 - Define Owners of Application Secrets developer documentation
  • #567267 - GitLab Workspace Proxy exposes sensitive authentication credentials via CMD line arguments
  • #567847 - Some mutations have read_api scope