Copilot coding agent is an autonomous agent that has access to your code and can push changes to your repository. This entails certain risks.
Where possible, GitHub has applied appropriate mitigations. This gives Copilot coding agent a strong base of built-in security protections that you can supplement by following best practice guidance.
Unvalidated code can introduce vulnerabilities
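By default, Copilot coding agent checks the code it generates for security issues and gets a second review of that code from Copilot code review. It attempts to resolve the issues identified before completing the pull request. This improves code quality and reduces the likelihood that code generated by Copilot coding agent introduces problems such as hardcoded secrets, insecure dependencies, and other vulnerabilities. Copilot coding agent's security validation does not require a GitHub Secret Protection, GitHub Code Security, or GitHub Advanced Security license.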
- CodeQL is used to identify code security issues.
- Newly introduced dependencies are checked against the GitHub Advisory Database for malware advisories, and for any CVSS-rated High or Critical vulnerabilities.
- Secret scanning is used to detect sensitive information such as API keys, tokens, and other secrets.
- Details about the analysis performed and the actions taken by Copilot coding agent can be reviewed in the session log. See Tracking GitHub Copilot's sessions.
Optionally, you can disable one or more of the code quality and security validation tools used by Copilot coding agent. See Configuring settings for GitHub Copilot coding agent.
Copilot coding agent can push code changes to your repository
To mitigate this risk, GitHub:
- Limits who can trigger the agent. Only users with write access to the repository can trigger Copilot coding agent to work. Comments from users without write access are never presented to the agent.
- Limits the branch the agent can push to. Copilot coding agent only has the ability to push to a single branch. When the agent is triggered by mentioning @copilot on an existing pull request, Copilot has write access to the pull request's branch. In other cases, a new copilot/ branch is created for Copilot, and the agent can only push to that branch. The agent is also subject to any branch protections and required checks for the working repository.
- Limits the agent's credentials. Copilot coding agent can only perform simple push operations. It cannot directly run git push or other Git commands.
- Requires human review before merging. Draft pull requests created by Copilot coding agent must be reviewed and merged by a human. Copilot coding agent cannot mark its pull requests as "Ready for review" and cannot approve or merge a pull request.
- Restricts GitHub Actions workflow runs. By default, workflows are not triggered until Copilot coding agent's code is reviewed and a user with write access to the repository clicks the Approve and run workflows button. Optionally, you can configure Copilot to allow workflows to run automatically. See Reviewing a pull request created by GitHub Copilot.
- Prevents the user who asked Copilot coding agent to create a pull request from approving it. This maintains the expected controls in the "Required approvals" rule and branch protection. See Available rules for rulesets.
Copilot coding agent has access to sensitive information
Copilot coding agent has access to code and other sensitive information, and could leak it, either accidentally or due to malicious user input.
To mitigate this risk, GitHub restricts Copilot coding agent's access to the internet. See Customizing or disabling the firewall for GitHub Copilot coding agent.
AI prompts can be vulnerable to injection
Users can include hidden messages in issues assigned to Copilot coding agent or comments left for Copilot coding agent as a form of prompt injection.
To mitigate this risk, GitHub filters hidden characters before passing user input to Copilot coding agent. For example, text entered as an HTML comment in an issue or pull request comment is not passed to Copilot coding agent.
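A filter of this kind can be sketched as follows, for teams that want to audit issue text themselves before assigning it to an agent. This is an added example, not GitHub's implementation; the function names, the sample text, and the choice of Unicode categories Cf and Cc as "hidden" are assumptions.

```python
import re
import unicodedata

# An unterminated "<!--" hides everything after it when rendered, so the
# pattern treats end-of-text as a closing delimiter (conservative choice).
# Limitation: comments inside code fences are visible when rendered but are
# still removed here.
HTML_COMMENT = re.compile(r"<!--.*?(?:-->|\Z)", re.DOTALL)


def is_hidden(ch: str) -> bool:
    """True for characters that render as nothing but still reach a model.

    Assumption: "hidden" means Unicode category Cf (zero-width characters,
    bidi controls, tag characters) or Cc (control characters), except
    ordinary whitespace. Cf also covers joiners used in emoji and some
    scripts, so a production filter may need an allow-list.
    """
    if ch in "\n\r\t":
        return False
    return unicodedata.category(ch) in ("Cf", "Cc")


def sanitize(text: str) -> tuple[str, list[str]]:
    """Return (visible_text, findings) for an issue body or comment."""
    findings = []
    comments = HTML_COMMENT.findall(text)
    if comments:
        findings.append(f"html_comment x{len(comments)}")
    text = HTML_COMMENT.sub("", text)
    hidden = [ch for ch in text if is_hidden(ch)]
    if hidden:
        names = sorted({f"U+{ord(ch):04X}" for ch in hidden})
        findings.append("hidden_chars " + ",".join(names))
    visible = "".join(ch for ch in text if not is_hidden(ch))
    return visible, findings


# Constructed sample: an HTML comment, a zero-width space and two tag characters.
SAMPLE = ("Fix the login bug.<!-- constructed hidden note -->\n"
          "See step\u200b 2.\U000E0041\U000E0042")

if __name__ == "__main__":
    visible, findings = sanitize(SAMPLE)
    print(repr(visible))
    print(findings)
```

The findings list is worth logging alongside the issue number, since a non-empty result on text that looks ordinary is itself a signal to review before assignment.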
Administrators can lose sight of agents' work
To mitigate this risk, Copilot coding agent is designed to be auditable and traceable.
- Copilot coding agent's commits are authored by Copilot, with the developer who assigned the issue or requested the change to the pull request marked as the co-author. This makes it easier to identify code generated by Copilot coding agent and who started the task.
- Session logs and audit log events are available to administrators.
- The commit message for each agent-authored commit includes a link to the agent session logs, for code review and auditing. See Tracking GitHub Copilot's sessions.