From 2bd5aeeab1b4acfdcb7b5deca8a622a00dc7d1ab Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 10 Jun 2026 16:54:45 +0000 Subject: [PATCH] Update instruction guidance for Copilot permission Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .github/aw/create-agentic-workflow.md | 1 + .github/aw/syntax-core.md | 6 +++--- .github/aw/update-agentic-workflow.md | 1 + 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/aw/create-agentic-workflow.md b/.github/aw/create-agentic-workflow.md index ecf99f175d4..39db676c102 100644 --- a/.github/aw/create-agentic-workflow.md +++ b/.github/aw/create-agentic-workflow.md @@ -89,6 +89,7 @@ The main agent job must stay read-only. - Do not grant `issues: write`, `pull-requests: write`, or `contents: write` to the agent job. - Route GitHub writes through `safe-outputs:`. +- When targeting the Copilot coding agent, recommend `permissions: { copilot-requests: write }` so Copilot can authenticate with `${{ github.token }}`. - If the user asks for direct writes, explain why the safe-output pattern is required. ### 4. Select tools diff --git a/.github/aw/syntax-core.md b/.github/aw/syntax-core.md index 0982c2aa44d..9e3c8919aec 100644 --- a/.github/aw/syntax-core.md +++ b/.github/aw/syntax-core.md 
@@ -99,10 +99,10 @@ The YAML frontmatter supports these fields: - When `"full"`, checks both the frontmatter hash and body hash; use when prompt-body edits should also trigger recompilation detection - **`permissions:`** - GitHub token permissions - - Object with permission levels: `read`, `none` - - Available permissions: `contents`, `issues`, `pull-requests`, `discussions`, `actions`, `checks`, `statuses`, `models`, `deployments`, `security-events` + - Object with permission levels: `read`, `none` (and limited `write` for specific scopes) + - Available permissions: `contents`, `issues`, `pull-requests`, `discussions`, `actions`, `checks`, `statuses`, `models`, `deployments`, `security-events`, `copilot-requests` - Write permissions are not allowed for security reasons; use `safe-outputs` for write operations instead - - Exception: `id-token: write` is allowed to enable OIDC token minting for external authentication, but use with caution and follow security best practices + - Exceptions: `id-token: write` is allowed to enable OIDC token minting; `copilot-requests: write` is recommended when targeting the Copilot coding agent so it can authenticate with `${{ github.token }}` - **`runs-on:`** - Runner type for the main agent job (string, array, or object) - **`runs-on-slim:`** - Runner type for all framework/generated jobs (activation, safe-outputs, unlock, etc.). Defaults to `ubuntu-slim`. `safe-outputs.runs-on` takes precedence for safe-output jobs specifically. - **`timeout-minutes:`** - Agent execution step timeout in minutes (integer or GitHub Actions expression, defaults to 20 minutes; custom and safe-output jobs use the GitHub Actions platform default of 360 minutes unless explicitly set). Expressions are useful in compiled workflows that define `workflow_call` inputs, for example `timeout-minutes: ${{ inputs.timeout }}`. 
This setting applies to the workflow being compiled, not to plain GitHub Actions caller jobs that use job-level `uses:` (GitHub does not allow `timeout-minutes` on those caller jobs). diff --git a/.github/aw/update-agentic-workflow.md b/.github/aw/update-agentic-workflow.md index 561867f95d7..0bfeaa24597 100644 --- a/.github/aw/update-agentic-workflow.md +++ b/.github/aw/update-agentic-workflow.md @@ -45,6 +45,7 @@ Use [workflow-editing.md](workflow-editing.md) as the source of truth. - preserve existing style and structure unless reorganization is required - do not rewrite unrelated frontmatter sections - keep the agent job read-only +- when targeting the Copilot coding agent, recommend `permissions: { copilot-requests: write }` for Copilot authentication - use `safe-outputs:` for writes - prefer `toolsets:` for GitHub tools
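Review bot: in the `.github/aw/create-agentic-workflow.md` hunk the new bullet sits directly under "The main agent job must stay read-only" and right after the bullet that forbids `issues: write`, `pull-requests: write` and `contents: write`, yet it recommends a `write` scope without saying what that scope grants or why it is acceptable in an otherwise read-only job. Add a clause stating what `copilot-requests: write` does and does not allow (in particular that it is not a repository write and that `safe-outputs:` still covers those), and be explicit about whether it is required for the Copilot coding agent to authenticate or only recommended; "recommend ... so Copilot can authenticate with `${{ github.token }}`" reads as a hard requirement while the word "recommend" says otherwise.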
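Review bot: the `.github/aw/syntax-core.md` hunk leaves the `permissions:` bullets contradicting each other: the first changed line now says `write` is allowed "for specific scopes", the unchanged line two below still says "Write permissions are not allowed for security reasons", and the line after that lists two write exceptions. State the rule once, for example "Write permissions are not allowed except for `id-token: write` and `copilot-requests: write`; use `safe-outputs` for repository writes", and drop the parenthetical from the levels line. The rewritten exceptions line also loses the "but use with caution and follow security best practices" caveat the old `id-token: write` line carried; keep it, since OIDC token minting for external authentication is exactly the case it was written for. Finally, the diffstat shows only markdown changing, so confirm that the compiler's permission validation already accepts the `copilot-requests` scope and the `write` level; otherwise this page will tell users to write frontmatter that fails to compile.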
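Review bot: in the `.github/aw/update-agentic-workflow.md` hunk the unchanged line "keep the agent job read-only" now sits immediately above a bullet recommending `copilot-requests: write`, with nothing reconciling the two. Fold the exception into the rule (for example "keep the agent job read-only; the only write scope to recommend is `copilot-requests: write`, and only when targeting the Copilot coding agent") and use the same wording as the create-agentic-workflow.md bullet, which also states the purpose (authentication with `${{ github.token }}`); at present the two files phrase the same guidance differently, which is how such instructions drift apart.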