Skip to content

GitHub Copilot Coding Agent

Asynchronous agent that works via GitHub Actions to plan, implement, test, and open pull requests.

How it works

The coding agent is Copilot's asynchronous counterpart to agent mode. Assign it a GitHub issue, or prompt it through Copilot Chat. The agent then starts a temporary development environment powered by GitHub Actions. It explores the code, plans the work, writes changes, runs automated tests and linters, and opens a pull request.

Generally available September 2025 for all paid Copilot subscribers.

Self-review and security

Before opening a PR, the coding agent runs the agent self-review loop: it reviews its own changes using Copilot code review, acts on the feedback, and runs security scanning: CodeQL code scanning, secret scanning, and dependency vulnerability checks. Since June 2026, GitHub Copilot code review reads a repository's AGENTS.md so its review follows the project's own conventions.

MCP server support

The coding agent can use tools from MCP servers, both local and remote. For now it can use tools only, not resources or prompts.

CLI handoff

Prefix any CLI prompt with & to delegate work to the cloud-based coding agent — GitHub describes it as pressing "the ampersand symbol (&) in the CLI to delegate work back to the cloud and keep going locally". Use /resume to pull a cloud session back into your local CLI.

Best for

Low-to-medium complexity tasks in well-tested codebases: adding features, fixing bugs, extending tests, refactoring, and documentation improvements.

When this backfires

  • Large multi-file refactors. Practitioners report the coding agent struggles when changes span many interconnected files and architectural concerns; a local IDE agent with richer context is often a better fit (community report, Jan 2026).
  • Tight iteration loops. Webapp sessions can take 90+ seconds to start an Actions runner, and the cycle repeats if the agent times out before finishing; interactive local agents avoid this overhead (community report, Jan 2026).
  • Heavy daily usage under flat-rate plans. Agentic workflows routinely exceed the compute included in paid tiers; in late 2025 GitHub paused new Copilot sign-ups and tightened usage limits on agent-heavy plans (The New Stack, TNW).
  • Work the agent cannot self-verify. The self-review and test loop only catches what the repo's own tests and scanners catch; changes that need human judgement (UX, API design, security-sensitive logic) still need a close human review before merge.

Example

Assign the coding agent to a GitHub issue directly from the issue sidebar by selecting Copilot as the assignee, or trigger it via Copilot Chat with a specific issue reference:

@copilot Fix the N+1 query problem described in #312. The issue is in the `OrderRepository.findByUser` method — add eager loading for the related `items` and `product` associations and add a regression test.

The agent spins up a GitHub Actions runner, explores the codebase, and opens a draft PR. The Actions log shows each step:

▶ Exploring codebase
  Reading src/repositories/OrderRepository.ts
  Reading tests/repositories/OrderRepository.test.ts
▶ Planning changes
  - Add .include(:items, :product) to findByUser query
  - Add test asserting single query for 3 orders
▶ Implementing
  Modified: src/repositories/OrderRepository.ts
  Modified: tests/repositories/OrderRepository.test.ts
▶ Running tests (npm test)
  All 47 tests passing
▶ Self-review
  No issues detected
▶ Opening draft PR #318

After the PR opens, add an MCP server to extend what the agent can access during future tasks — for example, a database introspection tool registered in .github/copilot/mcp.json:

{
  "mcpServers": {
    "db-schema": {
      "type": "http",
      "url": "<your-mcp-server-url>"
    }
  }
}

With the MCP server registered, the coding agent can query live table schemas during implementation instead of inferring them from existing code.

Key Takeaways

  • Fully asynchronous — works in the background via GitHub Actions while you continue
  • Self-reviews changes and runs security scanning before opening PRs
  • MCP server support extends capabilities to external tools
  • CLI handoff enables seamless switching between local and remote agent work
Last reviewed: 2026-06-19 Applies to: copilot@1.x
Feedback