* Add copilot-pr-autopilot skill
Skill that drives any GitHub pull request through repeated rounds of
Copilot Code Review until the agent has either resolved every thread
or explicitly escalated it to the human. Triggered via GraphQL (no
@copilot mention needed), triages every open thread with a fix /
decline / escalate rubric, replies and resolves each thread citing
the pushed SHA, then re-triggers until HEAD is reviewed with zero
threads awaiting the agent's reply.
Includes step scripts (01 request-review, 02 check-review-status,
03 list-open-threads, 08 reply-and-resolve, 10 cleanup-outdated),
shared library (_lib.ps1) with gh-CLI wrappers (Invoke-Gh,
Invoke-GhGraphQL, ConvertFrom-GhJson, Assert-GhReady), reply
templates, and reference docs for each step.
Repo-agnostic. Requires gh CLI on PATH and repo Triage/Write for
full autopilot; external PR authors get single-iteration mode with
manual re-trigger via the UI re-request button or a substantive
push.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address review: split per-step references + add recap-gate circuit breaker
- Fix#1: give steps 1/7/10 their own reference files
(01-request-review.md, 07-commit-push.md, 10-cleanup.md); trim the
inline bodies out of orchestration.md so it stays cross-cutting only.
- Fix#3: add a recurring round-cap & recap gate to 09-convergence.md —
default STOP every 10th round, recap all prior rounds, detect drift
(out-of-scope / over-engineering / wrong-direction / belongs-in-separate-PR)
with CONTINUE / REVERT-AND-SHIP / HAND-OFF verdicts. Agent reasoning,
no new script.
- Surface the gate from SKILL.md and orchestration.md; regenerate
docs/README.skills.md. Markdown-only change; scripts unchanged.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* docs(copilot-pr-autopilot): surface recap gate in decision pseudo-code; clarify Copilot+human convergence and round definition
- Inject the round-cap recap gate into the '## Decision: loop back or exit'
pseudo-code else-branch so an agent following the code block (not just the
prose) runs the STOP-every-10th-round check before looping.
- Broaden the 'never terminal' paragraph: non-convergence is driven by a
Copilot finding OR a human review comment (this skill handles both); the
loop ends only when there are no new comments from either source AND every
open thread (Copilot or human) has an agent reply/escalation.
- Define a 'round' explicitly as one execution of step 1 (01-request-review),
i.e. one Copilot-review trigger — the cap counts review rounds, not tool
calls or fix edits.
Markdown-only; no script changes.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* copilot-pr-autopilot: make recap-gate round count deterministic
Add 09-review-round.ps1: counts Copilot Code Review submissions straight
from the PR's API history (full GraphQL pagination), so the recap-gate
trigger is a derived number, not a fallible agent mental tally. This
removes the exact failure mode the skill exists to survive — a count
drifting across a long run (the real 156-round case).
The script reports Round + RecapDue (Round % RecapInterval == 0) only;
it never stops the loop or picks the verdict. CONTINUE / REVERT-AND-SHIP
/ HAND-OFF stays agent reasoning. 09-convergence.md updated to reference
the deterministic count while preserving 'no script stops the loop' and
'non-convergence = Copilot finding OR human comment'.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Regenerate docs/README.skills.md for copilot-pr-autopilot (add 09-review-round.ps1)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* azure-devops-cli: handle long comments on Windows (#2061)
On Windows 'az' is a cmd.exe batch wrapper capped at ~8191 characters,
so a long --discussion / --description value silently truncates or
fails. Document three verified ways out so the coding agent doesn't
waste 3-5 turns falling back to raw token retrieval and REST:
1. azps.ps1 in PowerShell on Windows. Same Azure CLI, invoked through
the Python entry point with no cmd.exe length cap. Pair with
'Get-Content -Raw' so the body lives in a variable, not on the
command line.
2. Native --file-path flags where Azure CLI offers them. Applies to
'az devops wiki page create' and 'az devops wiki page update', both
documented with --encoding.
3. 'az devops invoke --in-file' as the universal escape hatch for
commands with no --file-path (work-item --discussion, PR
--description). Documented example posts to the work item
comments REST endpoint with api-version 7.0-preview.3.
The earlier draft suggested the Azure CLI '@<file>' convention as a
generic substitute for inline string args. The official docs only
document it for JSON parameters and the CLI source uses
'get_file_json' specifically, so the claim is removed and replaced
with an explicit warning not to rely on it for plain string args.
Files touched:
- skills/azure-devops-cli/SKILL.md: new 'Posting long comments on
Windows' section with shell-detection table and three verified
options.
- skills/azure-devops-cli/references/boards-and-iterations.md: short
pointer at each --discussion example back to SKILL.md, plus an
inline PowerShell snippet.
Closes#2061.
* azure-devops-cli: move long-comments guidance to reference file (#2061 review)
aaronpowell asked for the Windows long-comments section to live as a
reference file rather than inline in SKILL.md, so the token weight
isn't always loaded into the agent's context.
- Move the "Posting long comments on Windows" section to a new
references/long-comments-on-windows.md verbatim.
- Strip the section from SKILL.md (56 fewer lines in the always-loaded
surface).
- Add the new file to the Reference Files table in SKILL.md with a
one-line "when to read" hint covering --discussion, --description,
and --content failures on Windows.
- Update the two pointer comments in references/boards-and-iterations.md
to point at the new reference file instead of the SKILL.md section.
docs/README.skills.md regenerated by 'npm run build' to pick up the
new reference file in the skill's bundled assets column.
* Refresh 6 stale instruction files flagged in #2133
Targeted refresh:
- blazor: C# 13 to C# 14. Drop the Visual Studio Enterprise mandate so contributors on VS Code or Rider aren't blocked by a paid SKU. Swap VS-only profiling for dotnet-trace and dotnet-counters.
- copilot-thought-logging: narrow applyTo from '**' to '**/Copilot-Processing.md'. Replace 9 Windows backslash paths with POSIX './Copilot-Processing.md' so the workflow works on macOS and Linux.
- genaiscript: drop the "avoid exception handlers or error checking" line. Replace it with: handle errors at I/O and external API boundaries, let unexpected exceptions surface.
- memory-bank: add the required 'description' frontmatter field (was a validation failure). Narrow applyTo from '**' to 'memory-bank/**'. Add an opt-in note so contributors know auxiliary files land in the workspace root.
Minor modernization:
- azure-functions-typescript: Node.js v20 to v22 LTS.
- localization: relative '../../issues' disclaimer link to absolute https://github.com/github/awesome-copilot/issues so it resolves regardless of the localized doc's path.
docs/README.instructions.md regenerated by 'npm run build' to pick up the new memory-bank description.
* revert applyTo narrow on copilot-thought-logging (#2133 review)
aaronpowell flagged that narrowing applyTo from '**' to
'**/Copilot-Processing.md' inverts the instruction. The instruction
tells Copilot to CREATE Copilot-Processing.md when handling any user
request, so it must apply globally, not only when that file is
already open.
Restore applyTo to '**'. Keep the POSIX path fixes (backslash to
'./Copilot-Processing.md') and the other 5 file fixes in this PR
unchanged.
---------
Co-authored-by: Aaron Powell <me@aaron-powell.com>
Retarget instructions/astro.instructions.md to Astro 7 and
instructions/svelte.instructions.md to Svelte 5 / SvelteKit 2, fix
outdated APIs, add current stable feature guidance, and trim non-code
(setup, deployment, testing-workflow, recap) content so each file
focuses solely on code structure and best practices.
Regenerated docs/README.instructions.md via npm start.
Co-authored-by: GeekTrainer <GeekTrainer@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The `name` frontmatter was `AWS CloudWatch Investigation`, which violated the Agent Skills spec and failed `npm run skill:validate` on main: name must be lowercase letters, numbers, and hyphens and must match the folder name (`aws-cloudwatch-investigation`). Correct the name and regenerate docs/README.skills.md so the validator passes (365/365) and the skills table renders consistently with every other entry.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* feat: add technical job search instructions for CV tailoring, cover letters, and offer evaluation
* chore: regenerate README.instructions.md after adding job search instructions
* refactor: convert technical-job-search from instruction to skill
Per reviewer feedback, instructions load on every turn and waste tokens
for content that is only useful during active job search sessions. A skill
is opted into explicitly, making this a better fit.
- Remove instructions/technical-job-search.instructions.md
- Add skills/technical-job-search/SKILL.md with equivalent content
- Update docs/README.instructions.md and docs/README.skills.md
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* chore: regenerate README.skills.md
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* new hook fix-broken-links
* codespell: add ans for variable short for answer
* update: scripts hand off alternative url to copilot cmd
* codespell: add ext. arcade-canvas/game/phaser.min.js
* Apply suggestions from code review
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* update: rm em-dash from hook scripts
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Add setup-my-iq skill
* Use forward-slash separators in setup-my-iq context pointers for cross-platform portability
* Fix stale step references (9c->10c, 9d->10d) in setup-my-iq SKILL.md
* chore(deps, docs): bump marketplace version to 1.46.0
- Refine execution priority guidance in agent documentation
- Imrpvoe discovery guidance
- Improve context cache guidance
- Add script usage guidelines to agent documentation
- Simplify agent input references
* feat: bump marketplace version to 1.47.0 and enhance agent workflows
- Add Bug‑Fix Mode with validation gate for `debugger_diagnosis` tasks
- Expand allowed task types to include `research`
- Reduce subagent concurrency limit from 4 to 2
- Update design validation handling for flagged tasks
- Update marketplace plugin version reference to 1.47.0
* chore: bump marketplace version to 1.48.0 and refine agent context envelope workflow documentation
- Enhance the Init section in gem-browser-tester.agent.md, gem-code-simplifier.agent.md, and gem-critic.agent.md with detailed context envelope handling, active context treatment, and reuse_notes trust/verification logic.
- Add explicit steps for safe assumption, verification before use, and controlled re‑reading of context notes.
* chore: refine verification of symbol usages before modifying shared components
* chore(marketplace): bump version to 1.50.0; refactor(gem-browser-tester): simplify workflow steps
* chore(docs): simplify Phase 0 task classification and streamline initialization
* chore: Merges teps for batching
* feat: Enhcanc esuport for trivial/ low complex tasks
* chore: bump version to 1.56.0 and add config settings for visual regression, devops approvals, and orchestrator complexity
* chore: fix toc links
* chore: Remove emojis from headings
* chore: Update readme
* chore: Enforce orchestration
* chore: clarify orchestrator role and bump version to 1.59.0
* chore: bump version to 1.61.0 and refine agent documentation
* chore: bump version to 1.62.0 and refine agent documentation
* chore: bump version to 1.63.0 and add mandatory rules notice to all agent documentation files
* chore: Improve batching instructions
- bump version to 1.64.0
* chore: refactor gem-planner agent definition and JSON output to remove redundant fields and simplify structure
* chore: bump marketplace version to 1.66.0 and refactor gem-planner plan format, update agent documentation to clarify reuse_notes and simplify structures
* aws plugin and adding few more aws agents
* updating the agent def
* fixed around skill validator results.
---------
Co-authored-by: Preyas Prakasan <preyasprakasan@Preyass-MacBook-Pro.local>
Replace the Bash namecheap.sh with a stdlib-only Python CLI (namecheap.py)
that resolves all Copilot PR review feedback:
- Cache the public IP once per run instead of per request
- Build API requests in-process via urllib so the API key never appears
in process argv or shell history
- Broaden multi-part TLD detection (co.uk, com.au, etc.) and document the
limitation
- Allow setup to update existing stored credentials
- Stop soliciting the API key via chat; use terminal getpass or env vars
- Remove non-portable Bash constructs (inline local, grep -oP)
Also normalize domain casing, preserve MX priority 0, accept
case-insensitive record types, and handle mixed-case email-forwarding
attributes. Update SKILL.md and regenerate the skills README.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* feat: add conventional-branch skill
Add a new agent skill for creating Git branches following the
Conventional Branch specification. The skill covers branch naming
rules, valid/invalid examples, type prefixes (feature/, bugfix/,
hotfix/, release/, chore/), trunk branch detection, and a
step-by-step workflow for branch creation.
The skill complements the existing conventional-commit skill and
references the specification at https://conventional-branch.github.io.
* fix: use explicit numbered workflow steps in conventional-branch skill
Replace markdown heading-based workflow steps (### 1., ### 2.)
with explicit 'Step N — Title' format for better agent
comprehension.
* Prepare for archiving of copilot-sdk-java repo in favor of java directory in copilot-sdk
* Update README
* Update with latest `java` from `copilot-sdk`.
### 16:37 Prompt
I have added `copilot-sdk-00` to this VS Code workspace. The `copilot-sdk-00/java` directory **is** the Copilot SDK for which this `copilot-sdk-java.instructions.md` is the instructions.
Do a deep read of the source code in `copilot-sdk-00/java`.
Do a deep read of the existing `copilot-sdk-java.instructions.md`.
Suggest any updates based on what should be changed in `copilot-sdk-java.instructions.md`, based on your findings.
### 16:51 Response
Now I have a comprehensive picture. Let me summarize the findings and suggest updates:
---
Based on my deep read of the Java SDK source code and the current copilot-sdk-java.instructions.md, here are the updates I'd suggest:
## Issues Found
### 1. Incorrect: `session.setModel()` documentation is slightly wrong
The instructions show `session.setModel(modelId)` — this is actually correct (it exists on CopilotSession), but the full signatures should be documented:
- `setModel(String model)`
- `setModel(String model, String reasoningEffort)`
- `setModel(String model, String reasoningEffort, ModelCapabilitiesOverride modelCapabilities)` *(since 1.3.0)*
### 2. Incorrect: `PreToolUseHookOutput` API
The instructions show:
```java
var decision = new PreToolUseHookOutput().setKind("allow");
```
But actually `PreToolUseHookOutput` is a **record** with static factory methods:
- `PreToolUseHookOutput.allow()`
- `PreToolUseHookOutput.deny()`
- `PreToolUseHookOutput.deny(String reason)`
- `PreToolUseHookOutput.ask()`
### 3. Missing: `CopilotClientOptions` fields not documented
These are in the source but not in the instructions:
- `setRemote(boolean)` — Mission Control integration
- `setTelemetry(TelemetryConfig)` — OpenTelemetry export *(since 1.2.0)*
- `setSessionIdleTimeoutSeconds(int)` — Idle timeout *(since 1.3.0)*
- `setExecutor(Executor)` — Custom thread pool
- `setTcpConnectionToken(String)` — TCP security token
### 4. Missing: `ToolDefinition.createSkipPermission()`
A third factory method exists *(since 1.2.0)* that skips the CLI permission request entirely. The instructions only mention `create()` and `createOverride()`.
### 5. Missing: Session listing with filters
The instructions show `client.listSessions()` but don't mention the overload with `SessionListFilter` that can filter by `cwd`, `gitRoot`, `repository`, and `branch`.
### 6. Missing: `session.log()` with URL
The instructions show `log(message, level, ephemeral)` but there's also a 4-param overload:
```java
session.log(String message, String level, Boolean ephemeral, String url)
```
### 7. Missing: MCP Server Configuration
The instructions mention `setMcpServers()` in the SessionConfig options list but don't show how to configure them. There are two types:
- `McpStdioServerConfig` — Local/stdio-based servers
- `McpHttpServerConfig` — HTTP/SSE remote servers
### 8. Missing: Cloud Sessions / Remote features
The `setRemote(boolean)` option on client options and per-session GitHub token support for cloud/content-exclusion scenarios.
### 9. Missing: `ModelCapabilitiesOverride`
Vision/image support can be controlled via model capabilities override, but this isn't documented.
### 10. Missing: `EventErrorPolicy` enum values
The instructions mention `EventErrorPolicy.SUPPRESS_AND_LOG_ERRORS` but don't list the other value: `PROPAGATE_AND_LOG_ERRORS` (which is the default).
### 11. Missing: `onLifecycle()` typed overload
There's also `onLifecycle(String eventType, SessionLifecycleHandler handler)` for filtering specific lifecycle events.
### 12. Minor: `send()` return type
`session.send()` returns `CompletableFuture<String>` (the message ID), which is worth mentioning since it can be used for correlation.
---
## Recommended Priority
**High priority** (incorrect info):
- Fix#2 (`PreToolUseHookOutput` API)
**Medium priority** (missing important features):
- Add #4 (`createSkipPermission`)
- Add #7 (MCP server configuration examples)
- Add #3 (missing client options)
- Add #5 (session list filters)
**Low priority** (nice-to-have completeness):
- Expand #1 (setModel overloads)
- Add #6 (log with URL)
- Add #9-12 (minor additions)
Would you like me to apply any or all of these updates to the file?
### 16:52 Prompt
Yes. Apply all of these.
### 16:54 Response
Created 12 todos
Now I have the full file. Let me apply all the changes:
Starting: *Fix PreToolUseHookOutput API (incorrect)* (1/12)
Replacing 84 lines with 199 lines in [](file:///e%3A/workareas/awesome-copilot-00/instructions/copilot-sdk-java.instructions.md)
```
```
Completed: *Fix PreToolUseHookOutput API (incorrect)* (1/12)
All 12 updates have been applied to copilot-sdk-java.instructions.md:
1. **Fixed** `PreToolUseHookOutput` — now uses correct static factory methods (`allow()`, `deny()`, `ask()`) instead of the incorrect `new PreToolUseHookOutput().setKind("allow")`
2. **Added** `ToolDefinition.createSkipPermission()` section (since 1.2.0)
3. **Added** 5 missing `CopilotClientOptions` fields: `remote`, `telemetry`, `sessionIdleTimeoutSeconds`, `executor`, `tcpConnectionToken`
4. **Added** `SessionListFilter` with `setRepository()`, `setBranch()`, `setCwd()`, `setGitRoot()`
5. **Expanded** `setModel()` to show all 3 overloads (model, reasoning effort, capabilities)
6. **Added** `log(message, level, ephemeral, url)` overload
7. **Added** full MCP server configuration section with `McpStdioServerConfig` and `McpHttpServerConfig` examples
8. **Added** `EventErrorPolicy` enum values with explanations
9. **Added** `onLifecycle(String eventType, handler)` filtered overload
10. **Added** note that `send()` returns `CompletableFuture<String>` (message ID for correlation)
11. **Added** `ModelCapabilitiesOverride` section with vision/limits configuration (since 1.3.0)
12. **Added** `remote` option for Mission Control / cloud session integration
13. **Bonus:** Expanded `SessionHooks` example to include all 5 hook types (`onPreToolUse`, `onPostToolUse`, `onUserPromptSubmitted`, `onSessionStart`, `onSessionEnd`)
Made changes.
### 16:54 Prompt
In the "## Core Principles" section. Add a bullet point that describes how `Optional` is used in the API.
### 16:58 Response
Searched for text `Optional` (`copilot-sdk-00` · `java/src/main/java/com/github/copilot/sdk/json/*.java`), 10 results
Searched for text `Optional` (`copilot-sdk-00` · `java/src/main/java/com/github/copilot/sdk/json/InfiniteSessionConfig.java`), 13 results
Replacing 7 lines with 8 lines in [](file:///e%3A/workareas/awesome-copilot-00/instructions/copilot-sdk-java.instructions.md)
```
```
Added the bullet point describing how `Optional<T>`, `OptionalInt`, and `OptionalDouble` are used on config class getters to distinguish "not set" from explicit values, while setters accept raw types and return `this` for fluent chaining.
Made changes.
### 16:58 Prompt
Consider this code from the Java README.
```java
public class CopilotSDK {
public static void main(String[] args) throws Exception {
var lastMessage = new String[]{null};
// Create and start client
try (var client = new CopilotClient()) { // JDK 25+: comment out this line
// JDK 25+: uncomment the following 3 lines for virtual thread support
// var options = new CopilotClientOptions()
// .setExecutor(Executors.newVirtualThreadPerTaskExecutor());
// try (var client = new CopilotClient(options)) {
client.start().get();
// Create a session
var session = client.createSession(
new SessionConfig().setOnPermissionRequest(PermissionHandler.APPROVE_ALL).setModel("claude-sonnet-4.5")).get();
// Handle assistant message events
session.on(AssistantMessageEvent.class, msg -> {
lastMessage[0] = msg.getData().content();
System.out.println(lastMessage[0]);
});
// Handle session usage info events
session.on(SessionUsageInfoEvent.class, usage -> {
var data = usage.getData();
System.out.println("\n--- Usage Metrics ---");
System.out.println("Current tokens: " + data.currentTokens().intValue());
System.out.println("Token limit: " + data.tokenLimit().intValue());
System.out.println("Messages count: " + data.messagesLength().intValue());
});
// Send a message
var completable = session.sendAndWait(new MessageOptions().setPrompt("What is 2+2?"));
// and wait for completion
completable.get();
}
boolean success = lastMessage[0] != null && lastMessage[0].contains("4");
System.exit(success ? 0 : -1);
}
}
```
I want to get across the very important JDK 25 comment. What's the best place to encode that knowledge in the instructions?
* Apply review suggestions
* Add visual-pr plugin: screenshot capture, annotation, PR embedding, and screen recording
Four skills that teach Copilot to capture UI screenshots (Playwright + PIL),
annotate them with algorithmic label placement, embed before/after images
in PR descriptions, and record animated GIF demos.
Includes demo images showing the annotation engine on GitHub Issues.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Update generated README tables and marketplace.json
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Embed annotate.py module in image-annotations skill
The full working module (annotate_image, grid_image, diff_images) is now
included as a code block so users can save it as annotate.py and import
directly. Scrubbed project-specific labels from examples.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address review feedback: mss.mss() context manager, fix RECT struct, consistent placeholder
- Use mss.mss() context manager instead of mss.MSS() (ui-screenshots, screen-recording)
- Fix broken RECT struct in window+GIF combining example (screen-recording)
- Consistent projectId placeholder in AzDO upload example (pr-screenshots)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fresh pull of updated stage with 2 skills and updated README only
* adjusted skills after feedback and used skill analyser to review
---------
Co-authored-by: Mark Heynes <mutl3y@heynes.biz>
* fix(analyzer): update CWE mappings and terminology to official MITRE standards
* feat(analyzer): integrate CWE 4.20 AI/ML security weaknesses and modern Top 25 view
* fix(analyzer): normalize agent name to match filename and pass validation
Adds a new custom agent that guides Azure Verified Modules (AVM) owners through a structured, repeatable workflow to triage open issues across the AVM repos they maintain. Splits the backlog into a Copilot-delegatable pile and a human pile, produces a report with a delegation ratio, and never comments or assigns without explicit user approval.
Adds a skill that lets users generate images (icons, sprites, textures,
mockups) directly from their coding workflow using OpenAI gpt-image-2 or
Google Gemini. BYO API key — the skill guides users through setup on
first use.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The winui plugin from microsoft/win-dev-skills now provides equal-or-better coverage of WinUI 3 development through the winui-dev agent and 7 specialized skills (winui-design, winui-code-review, winui-dev-workflow, winui-packaging, winui-ui-testing, winui-setup, winui-wpf-migration). UWP-to-WinUI 3 API rules are now codified as build-time diagnostics via the Microsoft.WindowsAppSDK.Analyzers Roslyn analyzer.
Co-authored-by: Nikola Metulev <711864+nmetulev@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>