From 26145da67f33d995a81d6998a0ca4c9f9b26c85d Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 6 Apr 2026 19:43:39 +0000
Subject: [PATCH] docs: update Learning Hub with CLI v1.0.15-v1.0.18 features

- automating-with-hooks.md: Add PermissionRequest and notification hook
  events to the event reference table; document permissionDecision 'allow'
  return value for preToolUse; add PermissionRequest and notification
  practical examples
- creating-effective-skills.md: Document built-in CLI skills (v1.0.17)
  that ship with the CLI without configuration
- using-copilot-coding-agent.md: Add Critic agent best-practice tip
  (v1.0.18, experimental mode for Claude models)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
 .../learning-hub/automating-with-hooks.md     | 50 ++++++++++++++++++-
 .../learning-hub/creating-effective-skills.md |  8 ++-
 .../using-copilot-coding-agent.md             |  3 +-
 3 files changed, 57 insertions(+), 4 deletions(-)

diff --git a/website/src/content/docs/learning-hub/automating-with-hooks.md b/website/src/content/docs/learning-hub/automating-with-hooks.md
index 6e1b7c7a..ca30e151 100644
--- a/website/src/content/docs/learning-hub/automating-with-hooks.md
+++ b/website/src/content/docs/learning-hub/automating-with-hooks.md
@@ -3,7 +3,7 @@ title: 'Automating with Hooks'
 description: 'Learn how to use hooks to automate lifecycle events like formatting, linting, and governance checks during Copilot agent sessions.'
 authors:
   - GitHub Copilot Learning Hub Team
-lastUpdated: 2026-04-01
+lastUpdated: 2026-04-06
 estimatedReadingTime: '8 minutes'
 tags:
   - hooks
@@ -98,8 +98,10 @@ Hooks can trigger on several lifecycle events:
 | `subagentStart` | A subagent is spawned by the main agent | Inject additional context into the subagent's prompt, log subagent launches |
 | `subagentStop` | A subagent completes before returning results | Audit subagent outputs, log subagent activity |
 | `errorOccurred` | An error occurs during agent execution | Log errors for debugging, send notifications, track error patterns |
+| `PermissionRequest` | A tool permission prompt is about to be shown to the user | Programmatically approve or deny tool permission requests without user interaction |
+| `notification` | Shell command completes, a permission prompt fires, an elicitation dialog appears, or the agent finishes | Send async notifications, integrate with alerting systems, trigger external workflows |
 
-> **Key insight**: The `preToolUse` hook is the most powerful — it can **approve or deny** individual tool executions. This enables fine-grained security policies like blocking specific shell commands or requiring approval for sensitive file operations.
+> **Key insight**: The `preToolUse` hook is the most powerful — it can **approve or deny** individual tool executions. This enables fine-grained security policies like blocking specific shell commands or requiring approval for sensitive file operations. To **silently approve** a tool without showing the user a permission prompt, return `{"permissionDecision": "allow"}` from your hook script — this suppresses the interactive approval dialog entirely.
 
 ### sessionStart additionalContext
 
@@ -295,6 +297,28 @@ Block dangerous commands before they execute:
 
 The `preToolUse` hook receives JSON input with details about the tool being called. Your script can inspect this input and exit with a non-zero code to **deny** the tool execution, or exit with zero to **approve** it.
 
+### Programmatic Permission Approval with PermissionRequest
+
+The `PermissionRequest` hook fires when a tool permission prompt is about to be shown to the user. Unlike `preToolUse` (which runs before every tool call), `PermissionRequest` specifically targets the interactive permission dialog — letting your scripts **silently approve or deny** without user interaction:
+
+```json
+{
+  "version": 1,
+  "hooks": {
+    "PermissionRequest": [
+      {
+        "type": "command",
+        "bash": "./scripts/auto-approve-safe-tools.sh",
+        "cwd": ".",
+        "timeoutSec": 5
+      }
+    ]
+  }
+}
+```
+
+Your script receives JSON describing the permission request and can output `{"permissionDecision": "allow"}` to approve silently, or exit non-zero to deny. This is useful for CI environments or trusted workflows where you want to auto-approve a known-safe set of tools without pausing for user input.
+
 ### Governance Audit
 
 Scan user prompts for potential security threats and log session activity:
@@ -337,6 +361,28 @@ Scan user prompts for potential security threats and log session activity:
 
 This pattern is useful for enterprise environments that need to audit AI interactions for compliance.
 
+### Async Notifications with the notification Event
+
+The `notification` hook fires **asynchronously** (unlike all other hooks, which run synchronously) when any of these occur: a shell command completes, a permission prompt fires, an elicitation dialog appears, or the agent finishes. Because it's async, it doesn't block the agent:
+
+```json
+{
+  "version": 1,
+  "hooks": {
+    "notification": [
+      {
+        "type": "command",
+        "bash": "./scripts/notify-external.sh",
+        "cwd": ".",
+        "timeoutSec": 10
+      }
+    ]
+  }
+}
+```
+
+Use `notification` for integrating with external alerting systems, dashboards, or workflow triggers where you want to react to agent activity without slowing down the agent itself.
+
 ### Notification on Session End
 
 Send a Slack or Teams notification when an agent session completes:
diff --git a/website/src/content/docs/learning-hub/creating-effective-skills.md b/website/src/content/docs/learning-hub/creating-effective-skills.md
index 1cf91101..b2abae3d 100644
--- a/website/src/content/docs/learning-hub/creating-effective-skills.md
+++ b/website/src/content/docs/learning-hub/creating-effective-skills.md
@@ -3,7 +3,7 @@ title: 'Creating Effective Skills'
 description: 'Master the art of writing reusable, shareable skill folders that deliver consistent results across your team.'
 authors:
   - GitHub Copilot Learning Hub Team
-lastUpdated: 2026-02-26
+lastUpdated: 2026-04-06
 estimatedReadingTime: '9 minutes'
 tags:
   - skills
@@ -47,6 +47,12 @@ Skills are folders containing a `SKILL.md` file and optional bundled assets. The
 - Skills work with standard Copilot tools and bundle their own assets; agents may require MCP servers or custom integrations
 - Use skills for repeatable tasks; use agents for complex multi-step workflows that need persistent state
 
+### Built-in Skills
+
+Starting with CLI v1.0.17, GitHub Copilot CLI ships with **built-in skills** that are available without any configuration. The first built-in skill provides a guide for customizing the Copilot cloud agent's environment (`.github/copilot-setup-steps.yml`). These built-in skills are automatically available to the agent — you don't need to copy or install them. As the CLI evolves, more built-in skills will be added to cover common development workflows.
+
+You can still add your own custom skills alongside built-in ones; they coexist without conflict.
+
 ## Anatomy of a Skill
 
 Every effective skill has two parts: a `SKILL.md` file with frontmatter and instructions, plus optional bundled assets.
diff --git a/website/src/content/docs/learning-hub/using-copilot-coding-agent.md b/website/src/content/docs/learning-hub/using-copilot-coding-agent.md
index dcd48b51..32862446 100644
--- a/website/src/content/docs/learning-hub/using-copilot-coding-agent.md
+++ b/website/src/content/docs/learning-hub/using-copilot-coding-agent.md
@@ -3,7 +3,7 @@ title: 'Using the Copilot Coding Agent'
 description: 'Learn how to use GitHub Copilot coding agent to autonomously work on issues, generate pull requests, and automate development tasks.'
 authors:
   - GitHub Copilot Learning Hub Team
-lastUpdated: 2026-03-25
+lastUpdated: 2026-04-06
 estimatedReadingTime: '12 minutes'
 tags:
   - coding-agent
@@ -355,6 +355,7 @@ See [Automating with Hooks](../automating-with-hooks/) for configuration details
 - **Create skills for repeatable tasks**: If your team frequently does a specific type of work (migrations, API endpoints, test suites), create a skill with step-by-step guidance the agent can follow automatically.
 - **Use custom agents for specialized roles**: Create focused agent profiles for different types of work — a security reviewer, a test specialist, or an infrastructure expert.
 - **Define hooks for formatting**: Hooks ensure the agent's code meets your style requirements automatically, reducing review friction.
+- **Enable the Critic agent for higher-stakes work**: When using Claude models in experimental mode, the Critic agent automatically reviews plans and complex implementations using a complementary model to catch errors early — before they make it into a PR. This is especially useful for non-trivial tasks where a second set of eyes can prevent wasted review cycles.
 
 ### Choosing the Right Tasks