Skip to content

Replace github.lockdown with github.repos/min-integrity guard policies in create prompt#21705

Merged
pelikhan merged 3 commits intomainfrom
copilot/update-agentic-workflows-md
Mar 19, 2026
Merged

Replace github.lockdown with github.repos/min-integrity guard policies in create prompt#21705
pelikhan merged 3 commits intomainfrom
copilot/update-agentic-workflows-md

Conversation

Copy link
Contributor

Copilot AI commented Mar 19, 2026
edited
Loading

The create-agentic-workflow prompt referenced the deprecated lockdown feature. Guard policies (repos + min-integrity) are the current approach for controlling content access in public repos.

Changes

  • Removed the "GitHub lockdown Mode" section including lockdown: false guidance and its doc link
  • Added "Guard Policies" section covering:
    • repos — restricts repository scope ("all", "public", or pattern array)
    • min-integrity — filters content by author trust level (approved, unapproved, none)
    • Both fields required when either is used
    • Automatic min-integrity: approved applied to public repos when neither field is set
tools:
  github:
    toolsets: [default]
    repos: "all"
    min-integrity: approved  # Only content from trusted collaborators
Original prompt

Update create agentic workflows.Md prompt:

  • remove suggestions to use GitHub.lockdown
  • add suggestions to use github.repos and github.min-integrity

📍 Connect Copilot coding agent with Jira, Azure Boards or Linear to delegate work to Copilot in one click without leaving your project management tool.

@pelikhan
Update create-agentic-workflow.md: replace lockdown with repos/min-in…
163b472 
…tegrity guard policies

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] Update create agentic workflows MD suggestions Replace github.lockdown with github.repos/min-integrity guard policies in create prompt Mar 19, 2026
Copilot AI requested a review from pelikhan March 19, 2026 02:17
pelikhan
pelikhan reviewed Mar 19, 2026
View reviewed changes
Copy link
Contributor

@pelikhan pelikhan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot do not advertise the github remote MCP

@pelikhan
Remove mode: remote from guard policies example
4075b3f 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Contributor Author

Copilot AI commented Mar 19, 2026

@copilot do not advertise the github remote MCP

Removed mode: remote from the guard policies example in 4075b3f. The example now uses the default (local) mode.

Copilot AI requested a review from pelikhan March 19, 2026 02:31
@pelikhan pelikhan marked this pull request as ready for review March 19, 2026 02:39
Copilot AI review requested due to automatic review settings March 19, 2026 02:39
@pelikhan pelikhan merged commit bad0038 into main Mar 19, 2026
@pelikhan pelikhan deleted the copilot/update-agentic-workflows-md branch March 19, 2026 02:39
Copilot AI reviewed Mar 19, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the “create agentic workflow” prompt to remove deprecated github.lockdown guidance and replace it with current GitHub MCP guard policy configuration (repos + min-integrity) for controlling repository scope and content trust filtering.

Changes:

  • Removed the “GitHub lockdown Mode” section and its lockdown: false guidance/link.
  • Added a “Guard Policies (repos and min-integrity)” section with definitions, defaults, and an example configuration.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

.github/aw/create-agentic-workflow.md
Comment on lines +496 to +498
- `approved` — Only content from owners, members, and collaborators (highest trust)
- `unapproved` — Include contributors and first-time contributors
- `none` — Include all content regardless of author association
.github/aw/create-agentic-workflow.md
Comment on lines +491 to +494
- **`repos`** - Restricts which repositories the agent can access:
- `"all"` — All repositories accessible by the token
- `"public"` — Public repositories only
- Array of patterns — Specific repos or wildcards (e.g., `["myorg/*", "myorg/api-*"]`)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@pelikhan pelikhan pelikhan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pelikhan