1 / 43
Speaker Notes
✓ Saved
🤖

GitHub Copilot Hackathon

Cody Carlson – Sr SE Global Black Belt, Microsoft
Anurag Karuparti – Sr Cloud Solutions Architect, Microsoft

Welcome everyone! We have an exciting 2-day hackathon ahead — Day 1 is lightning sessions and hands-on labs, Day 2 is building your own use cases.
📅

Agenda

2-Day Hackathon: Learn, Build, Ship

Hackathon Schedule

🌐 Timezone:
The agenda is loaded from agenda.json — edit that file to customize times, sessions, and descriptions without touching the HTML. Use the timezone dropdown to adjust for your audience.
🧭

GitHub Copilot
Overview

AI-powered development — from code completion to autonomous agents

Copilot Feature Matrix

Feature support across IDEs and platforms

Feature VS CodeCLIJetBrainsVSNeovimXcodeEclipseGitHub.com
Code completion
Copilot Chat
Model picker🔵
Agent mode
MCP
Skills
Extensions
Code review
Custom instructions🔵🔵🔵
Next edit suggestions🔵🔵🔵
Edit mode
Vision
Prompt files🔵🔵
Code referencing
PR summaries
Text completions
Copilot Spaces
Copilot Coding Agent(delegate)
Issues & Discussions
✅ = GA   🔵 = Preview   — = Not applicable   ⚪ = Not supported   |   💡 VS Code receives updates first. This matrix is always changing — check docs.github.com/copilot/reference/copilot-feature-matrix  ·  📱 GitHub Mobile also includes Copilot Chat
Updated April 2026. Vision graduated to GA in VS Code, JetBrains, and Visual Studio. Neovim officially supports only code completion. Eclipse gained Agent mode, Chat, and MCP in May 2025. Issues & Discussions (summarizing threads, drafting responses) is a GitHub.com-only feature. GitHub Mobile also includes Copilot Chat. Source: docs.github.com/copilot/reference/copilot-feature-matrix

GitHub Copilot Plans

From free to enterprise — a tier for every developer

🆓

Free

Included with any GitHub account

  • 2,000 code completions/mo
  • 50 chat messages/mo
  • VS Code & JetBrains
  • GPT-4o, Claude 3.5 Sonnet

Pro

$10/mo — unlimited completions

  • Unlimited completions
  • All models in picker
  • Agent mode & MCP
  • All supported IDEs
🏢

Business

$19/user/mo — team controls

  • Everything in Pro
  • Policy & model controls
  • Audit logs
  • Knowledge Bases
🔒

Enterprise

$39/user/mo — org-wide

  • Everything in Business
  • Custom fine-tuning (GA)
  • Coding Agent (GA)
  • Multi-repo context
  • Advanced security controls
💡 Free tier is available to every GitHub user — no credit card required. Great for hackathons & exploration!  ·  docs.github.com/en/copilot/about-github-copilot/subscription-plans-for-github-copilot  ·  🏢 GHES customers have a separate feature availability timeline — check docs.github.com/en/enterprise-server
GitHub Copilot Free launched December 2024 — every GitHub account gets 2,000 code completions and 50 chat messages per month at no cost. Pro ($10/mo) removes limits and unlocks the full model picker and all IDEs. Business adds org-wide policy controls, audit logs, and Knowledge Bases. Enterprise adds fine-tuned models (now GA), multi-repo context, and the Coding Agent. GHES (GitHub Enterprise Server) customers have a separate feature availability timeline. Source: docs.github.com/en/copilot/about-github-copilot/subscription-plans-for-github-copilot

Copilot Extensibility Map

Where customization files live and what they do

📂 Repository Level .github/
.github/
copilot-instructions.md — repo-wide instructions, always loaded
agents/
*.agent.md — custom agents for this repo
prompts/
*.prompt.md — reusable prompt templates
instructions/
*.instructions.md — path-specific instructions (glob)
skills/
*/SKILL.md — project-specific skills + scripts
workflows/
*.md / *.lock.yml — agentic workflows (gh-aw)
hooks/
*.sh / *.js — pre/post tool-call event hooks
AGENTS.md / CLAUDE.md
✅ Version controlled  ·  ✅ Shared with team  ·  ✅ Works on GitHub.com
💻 User Level ~/
~/.copilot/
copilot-instructions.md — personal global instructions
agents/
*.agent.md — agents across all projects
prompts/
*.prompt.md — personal prompt templates
skills/
*/SKILL.md — personal skills
mcp-config.json — MCP server configuration
hooks/
*.sh / *.js — personal event hooks
~/.claude/ — same structure for Claude Code
🔒 Local only  ·  👤 Personal preferences  ·  🌐 Available in all repos
💡 Repo-level files are shared with your team. User-level files are personal — great for your own agents, coding style preferences, and MCP configs. Naming conflicts? Repo-level wins over user-level.
Key point: .github/ is for the team, ~/.copilot/ is for you. Both work together — repo-level takes precedence on conflicts. The .claude/ directory follows the same structure for Claude Code users. Org/enterprise agents live in .github-private/agents/.

GitHub Copilot vs Azure AI Foundry

They are not competitors — ask: who is the end user?

👩‍💻

GitHub Copilot

End user: Developer

If your agent helps you build software → use Copilot

Use when building
  • Coding agents
  • CI/CD & infra automation
  • Code gen, refactoring, testing
  • Internal engineering tools
  • Dev automation workflows
Why it wins
  • Lives in VS Code, GitHub, CLI
  • Fast iteration loop
  • Integrated into SDLC
  • Minimal infra setup
🔗

Use Both

Rule: Copilot builds the system. Foundry runs the system.

Architecture Pattern
↑ Copilot — Build layer
Generate code · Build APIs · Write prompts · Set up infra
↓ deploy to
↑ Foundry — Run layer
Orchestration · Tool calling · Observability · Governance
CTO mental model
  • Copilot accelerates engineers
  • Foundry creates products
🏭

Azure AI Foundry

End user: Business User / Customer

If your agent delivers business value → use Foundry

Use when building
  • Customer-facing AI apps
  • Enterprise copilots (HR, ops, finance)
  • Multi-agent systems
  • RAG over enterprise data
  • Cross-system workflow automation
Why it wins
  • Full orchestration + multi-agent
  • Data connectors, grounding, memory
  • Governance, compliance, VNet isolation
  • Bring your own model, scale globally
💡 They sit at different layers of the stack. Copilot is your development accelerator; Foundry is your production AI platform. Most real-world projects use both.
Key question: "Who is the end user of the agent?" If it's a developer → Copilot. If it's a business user or customer → Foundry. Most enterprise projects use both: Copilot to build, Foundry to run. They are complementary, not competing.
⌨️

GitHub Copilot CLI

The full agentic platform in your terminal

📰GitHub Blog: CLI General Availability
🤖GitHub Blog: Agentic Workflows
💡GitHub Blog: Idea to PR Guide
📖Official CLI Documentation
📊Feature Matrix & More

Why GitHub Copilot CLI?

A full agentic platform in your terminal

/fleet Parallel multi-agent orchestration
/delegate Async handoff to cloud coding agent
--yolo Fully autonomous autopilot mode
/research Multi-step deep research with citations
--continue Session persistence & resume
/compact Compress session history
-p "task" Scriptable headless mode for CI/CD
models Per-subagent model selection
CLAUDE.md CLAUDE.md / GEMINI.md support
LSP Custom LSP integration

More Devs Choosing the CLI

The terminal-first revolution

69%
of developers keep a terminal always open
70%+
use terminal as primary daily tool
20-40%
productivity improvement with terminal-first AI
75%
reduction in PR completion time
9.6 → 2.4 days
🚀 Every major AI lab shipped a CLI-first agent in 2025
TL;DR: The CLI isn't just a chat window — it's a full agentic platform.

CLI Agent vs gh-aw Platform

Two complementary agentic execution modes

⌨️

gh copilot CLI

  • Interactive terminal agent
  • Runs locally on your machine
  • Real-time, you're in the loop
  • /fleet for parallel sub-agents
  • /delegate hands off to cloud
☁️

gh-aw Platform

  • GitHub Actions-hosted agent runner
  • Event-triggered, runs in cloud
  • Async — fire and forget
  • Powers the Coding Agent
  • Server-side orchestration layer
  • Supports copilot, claude, codex, opencode engines
💡 /delegate from the CLI agent hands off tasks to the gh-aw cloud platform — bridging interactive and autonomous execution  ·  Install: gh extension install github/gh-aw (moved from githubnext/gh-aw in Feb 2026)
The gh-aw (GitHub Agentic Workflows) platform is the server-side orchestration layer running in GitHub Actions. When you use /delegate in the CLI, you're handing off to gh-aw. The Coding Agent you assign issues to also runs on gh-aw. The local CLI is for interactive work; gh-aw is for cloud-native, event-triggered autonomous workflows. Multi-engine support: gh-aw compiles the same workflow for copilot (GitHub Copilot CLI), claude (Claude Code), codex (OpenAI Codex CLI), and opencode engines — the underlying AI differs but the workflow structure, Safe Outputs security model, and MCP tool access are identical. Install: gh extension install github/gh-aw (moved from githubnext/gh-aw in v0.40.1, Feb 2026). Recent additions: domain blocklist (network.blocked frontmatter), MemoryOps for shared memory across runs, skip-if-check-failing pre-activation gate, create-discussion and remove-labels safe outputs, DIFC proxy for auditable operations.

gh-aw Safe Outputs Architecture

Four-layer security model for trustworthy autonomous writes

🔍

AI Agent — Read Only

Agent runs with contents: read only — cannot directly create issues, PRs, or comments

📄

NDJSON Output File

Agent calls MCP tools that write structured actions to a NDJSON file — one JSON object per line

⚙️

Separate Execution Jobs

After the agent completes, dedicated jobs (with write permissions) process the output file

🛡️

Prompt Injection Protection

AI reasoning and write operations are fully separated — malicious instructions cannot trigger unauthorized writes

Safe Output Types

create-issue add-comment create-pull-request create-discussion remove-labels append-only-comments

Why It Matters

  • Safe for production use
  • Auditable write operations
  • PRs auto-close with expires
  • DIFC proxy for full audit trail
Safe Outputs is gh-aw's core security architecture (spec v1.1.0). The AI agent runs with contents: read permission only and cannot directly write to GitHub resources. Instead, it emits structured NDJSON to an output file via MCP tools. After the agent job completes, separate execution jobs (with write permissions) process that file to perform the actual GitHub writes. This separation means a prompt injection attack — even a successful one — cannot cause unauthorized GitHub writes because the AI never has write permissions. Output types include create-issue, add-comment, create-pull-request (with optional expires date), create-discussion, remove-labels, and append-only-comments. The DIFC proxy (v0.64.x) adds Data Integrity and Flow Control for full auditability. Source: github.com/github/gh-aw — scratchpad/safe-outputs-specification.md
🎨

Customizing
GitHub Copilot CLI

Hooks, Plugins, and Custom Agents

Hooks Overview

Deterministic control at agent lifecycle events

Custom Shell Scripts

Execute at agent lifecycle events — real code, not AI-mediated

🔒

Runs Outside the AI Loop

Unlike skills/agents, hooks are imperative code running OUTSIDE the AI

🎯

Deterministic Control

Only mechanism providing deterministic, non-AI-mediated control over the agent

🛡️

Gate MCP Tool Calls

Use preToolUse to intercept and validate tool calls before execution

Hooks fire during subagent execution and can be bundled inside plugins.
📖Hooks Configuration Reference
🔧Using Hooks with CLI
📚Official Hooks Tutorial

Hooks Lifecycle

When hooks fire during agent execution

PreToolUse — Before any tool call
PostToolUse — After tool execution
Notification — On agent notifications
Stop — When agent stops/completes
SubagentStop — When subagent finishes
Hooks return exit codes: 0 = allow, non-0 = block the action

Hooks Use Cases Part 1

Practical applications for hooks

🔒

Security Guardrails

Block dangerous commands like rm -rf, DROP TABLE, or access to sensitive paths. Validate tool inputs before execution.

📊

Audit Logging

Log every tool call, file edit, and terminal command to an audit trail. Essential for compliance and debugging.

Auto-Format & Lint

Run formatters after every file edit. Ensure code style compliance without relying on the AI to remember.

🔔

Notifications

Send Slack/Teams messages or desktop notifications when agent completes tasks or encounters errors.

Hooks Use Cases Part 2

More powerful patterns

🧪

Auto-Test on Edit

Run relevant tests after each file modification. Catch regressions immediately, not at the end of a session.

📝

Changelog Generation

Auto-append changes to a changelog file. Build documentation automatically as the agent works.

💾

Auto-Commit

Create git commits at checkpoints. Enable rollback to any stable state during long sessions.

🚫

Rate Limiting

Prevent runaway agent behavior by limiting tool calls per minute or total operations per session.

Plugins Overview

Distributable AI capability packages

📦

Top-Level Packaging

Installable bundle with custom agents, skills, tools, and hooks

🔌

Distributable

Think of it as an npm package for AI capabilities — share and reuse

🧩

6 Extension Types

Agents, Skills, Tools, Hooks, MCP Servers, and Slash Commands

🤖
Agents
Skills
🔧
Tools
Hooks
🔌
MCP Servers
⌨️
Slash Commands

Plugin Structure

Anatomy of a plugin package

my-plugin/
├── plugin.json
├── agents/
│ └── reviewer.md
├── skills/
│ └── deploy/
│ └── SKILL.md
├── hooks/
│ └── pre-tool.sh
├── tools/
│ └── analyze.py
└── mcp/
└── server.js

📄 plugin.json

Manifest declaring name, version, capabilities, and dependencies.

🔧 Composable

Mix and match extension types. Not every plugin needs all 6 types.

📤 Shareable

Publish to registries or share via git. Teams can standardize on the same plugin set.

GitHub Copilot
Skills & Instructions

Customize Copilot with skills, instructions, prompt files, and custom agents

Skills vs Custom Instructions

Two complementary customization approaches

Agent Skills

PurposeTeach specialized capabilities & workflows
PortabilityVS Code, Copilot CLI, & coding agent
ContentInstructions, scripts, examples & resources
ScopeTask-specific, loaded on-demand
StandardOpen standard (agentskills.io)
📋

Custom Instructions

PurposeDefine coding standards & guidelines
PortabilitySupported IDE's and GitHub.com only
ContentInstructions only
ScopeAlways applied (or via glob patterns)
StandardIDE-specific
VS
Skills are portable and task-specific; custom instructions are always-on guidelines. They complement each other perfectly.

How to Create Skills

Simple file-based structure

📁

Directory-Based

Stored in supported directories with a SKILL.md file as the entry point

🏠

Personal Skills

Store in ~/.copilot/skills/ or ~/.claude/skills/ (legacy)

📦

Rich Resources

Optionally add scripts, examples, or other resources to the skill directory

my-skill/
├── SKILL.md
├── scripts/
│ └── validate.sh
├── examples/
│ └── sample.ts
└── docs/
└── reference.md

How Copilot Uses Skills

Three progressive levels of engagement

Level 1

🔍 Skill Discovery

Copilot reads name and description from YAML frontmatter. Lightweight metadata helps decide relevance to your prompt.

Level 2

📖 Instructions Loading

When request matches skill description, loads the SKILL.md body into context. Detailed instructions become available.

Level 3

📂 Resource Access

Access additional files — scripts, examples, documentation — only as needed. Maximum context efficiency.

✨ Skills are automatically activated based on your prompt — no manual selection needed.
Learn more at agentskills.io — Skills are progressively loaded to keep context windows efficient.

Custom Instructions Overview

Three ways to customize Copilot behavior

⚙️

Custom Instructions

Specify instructions and preferences for any conversation. Always applied as global context.

📝

Prompt Files

Save common prompt instructions in Markdown files (*.prompt.md). Reusable and version-controlled.

🤖

Custom Agents

Specific instructions and tools the LLM follows when replying. Purpose-built AI experiences.

Prompt File Techniques

Key principles for effective prompt files

📎

Reference Other Files

Link to the files and resources the task should use as context

🎯

Single, Clear Purpose

Each prompt file should do one thing well — avoid overloading

📋

Describe WHAT and HOW

Include both the objective and the approach to achieve it

🔗

Modular System

Connect to your broader workflow — prompt files compose together

Custom Agents

Build purpose-specific AI assistants

💬

Description as Placeholder

Description appears as placeholder text in the chat input

🔧

Configure Tools

Specify which tools or tool sets are available

🧠

Select AI Model

Choose a particular model for each agent

📄

Markdown Instructions

Instructions field supports full Markdown with links

🏗️

Purpose-Built Experiences

Code Review Architecture Testing Documentation Migration

Copilot Spaces

Persistent, shareable AI workspaces with memory

📌

Attach Context

Attach repositories, files, and instructions to create a reusable Copilot workspace

💾

Persistent Memory

Spaces remember your attached context across conversations — no need to re-explain your project

🔗

Shareable

Share Spaces with teammates for consistent AI-assisted workflows across your organization

🌌

Create a Space

  • Select repos & files as context
  • Add custom instructions
  • Share with your team
Available in VS Code and GitHub.com
Copilot Spaces are like saved project workspaces with memory. Instead of re-explaining your codebase every conversation, attach repos and files once and share the Space with your team. Source: docs.github.com/en/copilot/using-github-copilot/copilot-spaces

Next Edit Suggestions (NES)

Predictive editing — Copilot anticipates your next change

👁️

Watches Your Edits

Copilot observes your changes and proactively suggests the next location that needs updating

🔁

Propagate Changes

After renaming a variable, NES highlights the next occurrence and suggests the same change

One-Key Accept

Accept the suggested next edit with Tab — keep your flow without breaking context

Ambient Completions

NES works alongside inline completions — together they form Copilot's ambient editing layer: suggesting code as you type and predicting what you'll change next.

GA in VS Code & Visual Studio  ·  🔵 Preview in JetBrains, Xcode & Eclipse
Next Edit Suggestions is one of the most productivity-impacting completions features. It watches your edits and predicts where you need to make the same or similar change next — crucial for refactoring workflows. Source: docs.github.com/en/copilot/using-github-copilot/using-github-copilot-in-your-ide/using-next-edit-suggestions-in-your-ide

Model Selection Guide

Choose the right model for the task

Fast & Focused

Best for everyday tasks

GPT-4o mini o4-mini Gemini 2.0 Flash
  • Code completion
  • Quick Q&A
  • Simple refactors
🧠

Balanced

Best for most agent tasks

GPT-5 GPT-4.1 Claude Sonnet 4 Gemini 2.5 Pro
  • Agent mode tasks
  • Code review
  • Multi-file edits
🔭

Deep Reasoning

Best for complex problems

o3 Claude Sonnet 4.5 Claude Opus 4.5
  • Architecture decisions
  • Complex debugging
  • Extended thinking
💡 Select models per conversation via the model picker in VS Code, JetBrains, Visual Studio, Xcode & GitHub.com
The model picker lets you choose the right model per conversation. Use fast models for completions and quick questions (GPT-4o mini, o4-mini, Gemini 2.0 Flash), balanced models for most agent tasks (GPT-5, GPT-4.1, Claude Sonnet 4, Gemini 2.5 Pro), and reasoning models like o3, Claude Sonnet 4.5, or Claude Opus 4.5 for architecture and complex debugging. GPT-5 is OpenAI's flagship model available in the Copilot model picker. Claude Sonnet 4 replaced Claude Sonnet 3.7 as the standard Sonnet model. Source: docs.github.com/en/copilot/using-github-copilot/ai-models/changing-the-ai-model-for-copilot-chat

Vision & Multimodal Input

Attach images, mockups & diagrams to Copilot Chat

🖼️

Attach Images to Chat

Drag and drop screenshots, UI mockups, or architecture diagrams directly into Copilot Chat

🐛

Debug from Screenshots

Paste a screenshot of an error or broken UI — Copilot analyzes it and suggests fixes

🗂️

Design → Code

Share a UI wireframe or Figma export and ask Copilot to generate the corresponding component code

👁️

IDE Availability

  • VS Code — GA
  • JetBrains — GA
  • Visual Studio — GA
  • Eclipse — GA
Works with models that support vision (e.g. GPT-4.1, Claude Sonnet 4, Gemini 2.5 Pro)
Vision/multimodal input lets you attach image files to Copilot Chat conversations. This is increasingly used for debugging visual issues, implementing UI mockups, and explaining complex architecture diagrams. Now GA in VS Code, JetBrains, Visual Studio, and Eclipse. Source: docs.github.com/en/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide

Model Context Protocol

Extend Copilot capabilities with an open standard

🔌

Extend Copilot
capabilities

🤝

Share context
with LLMs

🛠️

Create new tools
& services

MCP is an open standard — think of it like a USB-C port — a universal adapter for AI applications to connect to external tools and data sources.

Core MCP Concepts Part 1

The three primary primitives

📊

Resources

Servers expose data and content to the AI model. Files, databases, API responses — all accessible as resources.

💬

Prompts

Servers define reusable prompt templates and workflows. Standardized interactions for common tasks.

🔧

Tools

LLMs interact with external systems, perform computations, and take actions in the real world.

Core MCP Concepts Part 2

Supporting infrastructure

🔄

Sampling

Servers request LLM completions through the client. Enables server-initiated AI interactions.

🌳

Roots

Define boundaries where servers can operate. Scoped access for security and context control.

🔀

Transports

The communication foundation between clients and servers. stdio, HTTP, and more.

Generate Custom Instructions

Key techniques for effective instructions

✍️

Write Short Statements

Self-contained, clear, and actionable. Each instruction should stand on its own.

🏛️

Coding Standards & Patterns

Focus on architectural patterns, naming conventions, and code organization preferences.

🔗

Pair with Features

Combine with code review, coding agent, and chat features for maximum impact.

👥

Team-Specific Standards

Reflect your team's unique conventions, frameworks, and best practices.

Copilot Extensions

Third-party integrations via the GitHub Marketplace

🏪

GitHub Marketplace

Browse and install extensions from third-party vendors — no server setup required

💬

@extension-name in Chat

Invoke extensions by name in Copilot Chat to bring external data and actions into context

🔌

Extensions vs MCP

Extensions are installed via GitHub with OAuth permissions; MCP servers run locally or in your infra

🛒

Popular Extensions

@datadog @sentry @docker @atlassian @azure @hashicorp @mongodb @sonarqube
100+ extensions at github.com/marketplace
Copilot Extensions are the third-party ecosystem — vendors build extensions that appear as @name in chat. Unlike MCP servers which you configure locally, Extensions are installed from the GitHub Marketplace and use OAuth for permissions. They're complementary to MCP — use Extensions for managed SaaS integrations and MCP for custom tooling.

Knowledge Bases

Enterprise: Index your internal docs for Copilot context

🗂️

Index Internal Docs

Connect wikis, documentation repos, and codebases as a searchable knowledge index

🤖

Copilot Searches It

Copilot automatically retrieves relevant content from your knowledge base during conversations

🔒

Enterprise & Business

Available on GitHub Copilot Enterprise/Business — managed in Organization or Enterprise settings

🌐

Multi-Repository Context

Enterprise: Copilot Chat can reference code across multiple repositories in a single conversation — spanning org-wide codebases

📚

Use Cases

  • Company coding standards wiki
  • Architecture decision records
  • Internal API documentation
  • Onboarding & runbooks
  • Legacy codebase context
  • Cross-repo org-wide code context
Reduces hallucination on internal APIs & frameworks
Knowledge Bases are an Enterprise/Business feature that lets organizations index their internal documentation and codebases. Copilot can then reference this during conversations, reducing hallucinations on internal APIs and helping onboard new developers faster. Enterprise also supports multi-repository context — Copilot Chat can reference code across multiple repositories in a single conversation, enabling org-wide codebase awareness. Source: docs.github.com/en/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide

GitHub Models

Free AI model playground at github.com/marketplace/models

🧪

Prompt Playground

Test prompts against dozens of models side-by-side — GPT-4o, Llama, Mistral, Phi, and more

💻

Code Snippets

Generate ready-to-use SDK code for any model and language — JavaScript, Python, C#, and more

🆓

Free to Explore

Included with GitHub — experiment with AI models without a separate API subscription

🔬

The GitHub AI Ecosystem

CopilotIntegrated AI assistant
ModelsModel playground & API
Extensions3rd-party marketplace
github.com/marketplace/models
GitHub Models is a free model playground separate from Copilot. It's useful for prototyping prompts, comparing models, and generating API code snippets. Think of it as a sandbox for the AI models that power Copilot and other AI applications.

GitHub Spark ✨

Build and share micro-apps with natural language — no full-stack required

💬

Natural Language to App

Describe what you want to build — Spark generates a fully functional micro-app using AI

🚀

Instant Hosting

Apps are hosted on GitHub infrastructure — share a link immediately, no deployment steps

🔄

Iterative Refinement

Refine your app through conversation — ask Spark to change behavior, add features, or tweak the UI

Part of GitHub's AI Ecosystem

CopilotDeveloper AI assistant
ModelsModel playground & API
SparkNatural language micro-apps
githubnext.com/projects/github-spark
GitHub Spark (GitHub Next) is an AI-powered platform for building and sharing micro-apps using natural language — no full-stack coding required. It's distinct from Copilot but part of the broader GitHub AI story. Developers describe the app they want; Spark generates, hosts, and lets them share it instantly. Useful for prototyping, internal tools, and demos. Source: githubnext.com/projects/github-spark
🤖

GitHub Copilot
Coding Agent

GitHub Copilot intermediate

What is the Coding Agent?

An autonomous AI software development agent

🧠

AI-Powered Development

Works autonomously on issues — plans, codes, tests, and iterates

Asynchronous Execution

Operates in its own GitHub Actions-powered environment — no blocking your workflow

📋

Issue-Driven

Assign it issues or tasks and continue working on other priorities

🔍

Deep Environment Access

Full access to your VS Code environment — actively looks for what it needs

Copilot in GitHub Actions

Run Copilot agent tasks as native CI/CD pipeline steps

⚙️

First-Class Job Step

Use uses: github/copilot-action in any workflow to run Copilot as a native Actions step — not a side-car or gh-aw wrapper

🔁

Event-Driven Automation

Trigger Copilot tasks on push, pull_request, issue_comment, schedule, and more

🛠️

CI/CD Integration

Automate code review, documentation generation, test creation, and triage tasks as part of your existing pipelines

📋

Example Use Cases

  • Auto-review PRs on open
  • Generate release notes on tag
  • Triage new issues with labels
  • Create tests for changed files
  • Update docs on merge to main
Distinct from gh-aw — native Actions, no extra tooling needed
Copilot in GitHub Actions lets you run Copilot as a first-class job step directly in CI/CD pipelines. Unlike the gh-aw platform which orchestrates full agentic workflows, this integration uses a standard GitHub Actions step to trigger Copilot for specific automation tasks like code review, documentation, and issue triage. Source: docs.github.com/en/copilot/using-github-copilot/using-github-copilot-in-github-actions

Agent Mode vs Coding Agent vs Workspace

Three approaches to AI-assisted development

💻

Agent Mode

  • Iterates on code, runs tests locally
  • Plan → Act → Observe workflow
  • Interactive — you're in the loop
  • Immediate feedback cycle
☁️

Coding Agent

  • Assign GitHub issues to Copilot
  • Reads COPILOT.md for project context
  • Works autonomously in GitHub Actions
  • Creates PRs when done
🗺️

Copilot Workspace

  • Start from an issue on GitHub.com
  • Collaborative plan + file tree diff
  • Review & edit before committing
  • GA for Enterprise, browser-based
Three distinct AI development modes: Agent Mode is interactive and local (great for iterating in your IDE), the Coding Agent is fully autonomous (assign issues, get PRs back), and Copilot Workspace is a collaborative planning experience on GitHub.com where you can shape the implementation before any code is committed.

Custom Agents for the Coding Agent

Tailor autonomous behavior per workflow

🎯

Select or Create

When assigning issues to Copilot, select or create a custom agent tailored to the task

🔄

Workflow-Specific

Tailor agents to different workflows — e.g., Kubernetes architect, database migration specialist

🏗️
Architecture Agent
🐳
Kubernetes Agent
🧪
Testing Agent
📝
Docs Agent

COPILOT.md Instructions File

Configure autonomous agent behavior per repository

📄

Repository Root File

Place COPILOT.md in your repo root — the coding agent reads it automatically on every run

🔧

What to Include

Testing commands, build steps, architecture overview, do/don't rules, and project-specific conventions

🆚

vs copilot-instructions.md

.github/copilot-instructions.md is for chat; COPILOT.md is the primary config for the autonomous coding agent

Example COPILOT.md

# Project: MyApp
## Build & Test
- Run: npm test
- Lint: npm run lint
## Architecture
- REST API in src/api/
- React frontend in src/ui/
## Rules
- Never modify migration files
- Tests required for all PRs
COPILOT.md is the primary configuration file for the coding agent. It tells the agent how to build and test your project, the architecture layout, and any rules to follow. Without it, the agent has to discover everything by exploring — COPILOT.md makes it faster and safer.

Copilot Code Review

AI-powered PR review — inline comments, suggestions & summaries

💬

Inline PR Comments

Copilot reviews pull requests on GitHub.com and leaves specific, actionable inline comments

Suggested Changes

One-click code suggestions — authors can accept, edit, or dismiss Copilot's proposed fixes

📋

Diff Summary

Copilot summarizes what changed, why it matters, and highlights areas needing human attention

🔍

Enable Code Review

  • Org / Repo Settings → Copilot
  • Enable "Automatic code review"
  • Request review from Copilot on any PR
Works alongside human reviewers — catches issues early so humans can focus on design & logic
Copilot Code Review is enabled in repository or organization settings. Once enabled, you can request Copilot as a reviewer on any PR. It provides inline comments with suggested code changes that authors can accept with one click. It's designed to complement human review, not replace it.

Copilot PR Summaries

Auto-generate pull request descriptions from your diffs

✍️

Auto-Generate Descriptions

Click the Copilot ✨ icon in the PR description field — Copilot analyzes your diffs and commits to draft a summary

📋

Highlights Key Changes

Generates a structured overview with a brief summary and bullet-pointed highlights — reviewers get context fast

🔄

Works Everywhere

Available on GitHub.com, VS Code, Visual Studio, and the Copilot CLI — wherever you open a PR

📝

Workflow

  • Push your branch & open a PR
  • Click ✨ in the description field
  • Review & edit the draft
  • Submit — reviewers are up to speed
Available on paid plans (Pro, Business, Enterprise)  ·  Not included in Copilot Free
Copilot PR Summaries let you auto-generate a pull request description by clicking the sparkle icon in the PR description box. Copilot reads your diffs and commit history to produce a structured draft — saving time and improving reviewer context. Available on GitHub.com and in VS Code / Visual Studio. Source: docs.github.com/en/copilot/using-github-copilot/using-github-copilot-for-pull-requests

Copilot Autofix

Automatic security vulnerability remediation

🔒

Integrated with Code Scanning

When GitHub Advanced Security detects a vulnerability, Copilot automatically generates a suggested fix

One-Click Remediation

Suggested fixes appear as PR comments — developers can accept, edit, or reject with a single click

🛡️

Shift Left Security

Fixes security issues at the PR stage before they reach production — developer-friendly and fast

🩹

Supported Alerts

SQL Injection XSS Path Traversal SSRF Hardcoded Secrets
Requires GitHub Advanced Security (GHAS)
Copilot Autofix is integrated with GitHub Advanced Security's code scanning. When a CodeQL alert fires on a PR, Copilot generates a fix automatically. This dramatically reduces the time from detection to remediation and makes security accessible to developers who may not be security experts.

Agent Architecture

Under the hood of agent mode

🖥️ Machine
📂 Workspace
🤖 Copilot
+ User
🔄 LLM Loop
Prompt → Streamed Results → Tool Calls → Tool Results → Repeat
run_in_terminal edit_file read_file search list_files browser
🌐 OS Context
🔧 Tool Call
📋 Tool Results
At its core, agent mode orchestrates tools using a system prompt. It parses requests, plans, executes, detects errors, and auto-corrects in a continuous loop.
🎛️

GitHub Copilot
Agent Management

Orchestrating AI agents for complex workflows

Single vs Multiple Sessions

Choosing the right approach for your task

Single-Session

  • Ideal for tasks under 30 minutes
  • Clear scope, uninterrupted focus
  • Self-contained deliverables
  • Agent maintains full context
🔄

Multi-Session

  • Tasks exceeding context window limits
  • Require breaks between phases
  • Involve debugging cycles
  • Work persists through handoff documents
VS
Think of single-session as a sprint and multi-session as a relay race. Each has its strengths depending on task complexity.

Sequential Orchestration

Ordered pipelines where outputs feed inputs

Pattern 1

🔗 Linear Pipeline

Scout → Scribe → Builder — strict ordered execution. Each agent specializes in one phase.

Pattern 2

📊 Dependency-Driven Order

Each agent's output feeds the next. Data flows through the pipeline with clear input/output contracts.

Pattern 3

🛡️ Quality Gates

Ensure flawed outputs don't cascade. Validation checkpoints between each stage prevent error propagation.

Sequential orchestration is your default when outputs feed inputs. Think assembly line — each station adds value.

Parallel Orchestration

Maximize throughput with concurrent agents

Simultaneous Execution

Reduces total time for independent tasks. Run multiple agents at once for maximum throughput.

🔍

Independent Task ID

Analyze inputs/outputs to identify parallelizable work. Not everything can run concurrently.

🗺️

Dependency Mapping

Visual graph showing blocking relationships. Find the critical path and shorten it.

Agent A Agent B Agent C Merge Result
Parallel orchestration is about finding the critical path and shortening it. Independent tasks should always run concurrently.

Workflows & Handoff Documents

Preserving context across sessions

📋

Copy-Paste Ready Prompts

Next session prompt should work immediately. No manual setup or context rebuilding required.

🗂️

Structured Context

Clear sections for what's done, what's pending, and key decisions made along the way.

📦

Explicit Artifact Tracking

List every file created, modified, or deleted with explanations for each change.

The handoff document is your insurance policy against context loss. Treat it as the single source of truth between sessions.
🚀

Thank You!

Start building with GitHub Copilot Skills today

agentskills.io github.com/copilot docs.github.com
Cody Carlson
Sr SE Global Black Belt, Microsoft
Anurag Karuparti
Sr Cloud Solutions Architect, Microsoft
Thank you for attending! Check out agentskills.io for the open standard and github.com/copilot for the latest features.