Add automated contributor reputation screening on PR/issue open events
using AGT's pip-installable CLI tools. Detects coordinated inauthentic
contribution patterns (credential laundering, spray-and-pray).
- Installs via pip (pinned to agent-governance-toolkit==3.3.0)
- Uses jq for JSON parsing
- Fails closed: UNKNOWN risk maps to MEDIUM
- Posts risk summary comment on MEDIUM/HIGH with link to workflow run
- Adds needs-review label for maintainer attention
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add acreadiness-cockpit plugin
Adds a new plugin that drives Microsoft AgentRC from Copilot chat,
framing every interaction inside AgentRC's Measure -> Generate ->
Maintain loop.
Custom agent (agents/ai-readiness-reporter.agent.md):
Runs `agentrc readiness --json`, interprets every result against
the 9-pillar / 5-level maturity model, then renders a self-contained
reports/index.html from a fixed HTML/CSS template (bundled with the
acreadiness-assess skill) so every user gets an identically styled
dashboard. Honours policies (disabled criteria, overrides, pass-rate
thresholds) and surfaces extras separately.
Skills:
- acreadiness-assess: Measure step. Wraps `agentrc readiness --json`
and hands off to the @ai-readiness-reporter agent. Bundles the
canonical report-template.html.
- acreadiness-generate-instructions: Generate step. Wraps
`agentrc instructions`. Defaults to .github/copilot-instructions.md
(Copilot-native). Asks flat vs nested. For monorepos, emits per-area
.github/instructions/<area>.instructions.md files with applyTo
globs taken from agentrc.config.json.
- acreadiness-policy: Maintain step. Helps pick, scaffold, or apply an
AgentRC policy (criteria.disable, criteria.override, extras,
thresholds) and wire it into CI via --fail-level.
Plugin (plugins/acreadiness-cockpit/):
Declarative plugin.json referencing the agent and three skills.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address PR review feedback
- Align documented slash-command names with plugin manifest:
/acreadiness-assess, /acreadiness-generate-instructions,
/acreadiness-policy (was /assess, /generate-instructions, /policy
inside SKILL bodies and argument-hints).
- Move the literal % from the report template into the substituted
values for {{passRate}} and {{threshold}} so an N/A value of '—'
no longer renders as '—%'. Updated the agent placeholder contract
accordingly.
- Point the report footer at the canonical plugin folder under
github/awesome-copilot instead of the personal source fork.
- Add explicit HTML-escaping rules to the agent: HTML-escape every
{{placeholder}} substitution, and replace </script with <\/script
inside the embedded JSON block so untrusted repo content cannot
break the markup or inject scripts.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Update winapp CLI skill
* Updated skill for winapp cli based on review
* Updates to tighten up skill for winappcli
* Tighten skill to reduce token use
* Update to use steps
* Updates from review comments
* Fix spellcheck in build
- Add /chronicle command (GA in v1.0.40): session history and file tracking
- Add --max-autopilot-continues flag for autopilot mode configuration
- Add COPILOT_HOME env var and deprecation notice for --config-dir
- Add client_credentials OAuth grant type for headless MCP authentication
- Add Azure DevOps auto-disable GitHub MCP server FAQ entry
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* feat: Add Project Documenter Plugin with agents and skills
- Auto-discovers technology stack and project structure
- Generates architecture diagrams with draw.io
- Creates professional Word (.docx) output with embedded PNG images
- Includes agents for orchestration and skills for functionality
* chore: moved agents, skills and scripts to respective folders
* chore: ran npm run build for readme updates
* Update plugins/project-documenter/.github/plugin/plugin.json
Co-authored-by: Aaron Powell <me@aaron-powell.com>
* fix: readme.agent.md file
* fix: added the missing agent file and updated readme for the same
---------
Co-authored-by: Aaron Powell <me@aaron-powell.com>
Document the /compact, /context, and /usage slash commands in the
Copilot Configuration Basics page. These commands were not covered
in the main Learning Hub (outside the separate cli-for-beginners
track), but are broadly useful for interactive and ACP sessions:
- /context: visualize context window token usage
- /usage: display per-session token and API call metrics
- /compact: summarize conversation history to reclaim context space
- Note that all four (/env included) now work in ACP sessions (v1.0.39+)
- Note that ACP clients can toggle allow-all mode via session
configuration without a slash command (v1.0.39+)
Sources:
- https://github.com/github/copilot-cli/blob/main/changelog.md
(v1.0.39 – 2026-04-28)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add eyeball plugin: document analysis with inline source screenshots
Eyeball generates Word documents where every factual claim includes a
highlighted screenshot from the source material. Supports PDFs, Word
docs, and web URLs. Designed for verifying AI-generated document
analysis against the original source.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address review feedback: soft imports, Windows Word support, doc fixes
- Make PyMuPDF/Pillow/python-docx imports soft so setup-check runs
without dependencies installed
- Add _check_core_deps() guard at CLI command entry points
- Add Windows Word detection in setup-check
- Remove references to setup.sh (not included in plugin)
- Fix usage docstring to show inline JSON instead of filename
- Use consistent <path-to>/eyeball.py paths in SKILL.md
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Update eyeball plugin with bug fixes and Windows support
- Fix resource leaks (pdf_doc closed in finally blocks)
- Fix Windows Word COM automation (DispatchEx, proper cleanup)
- Fix converter order (Word before LibreOffice on Windows)
- Add source file existence checks with clear errors
- Fix Playwright cache detection for all platforms
- Fix setup.sh error handling (pipefail)
- Fix AppleScript path injection
- Fix highlight padding scaling with DPI
- Add pywin32 as Windows dependency
- Update README with Windows setup instructions
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address Copilot code review feedback
- Fix browser leak in render_url_to_pdf (try/finally around Playwright)
- Remove setup.sh references from SKILL.md (not bundled in plugin)
- Use consistent <path-to>/eyeball.py paths in SKILL.md
- Update plugin README install instructions for awesome-copilot
- Add Windows pywin32 install step to SKILL.md
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: update _img_to_bytes docstring to reflect BytesIO return type
Agent-Logs-Url: https://github.com/github/awesome-copilot/sessions/048d704a-d78a-4a46-80d9-a155ff1e0d85
Co-authored-by: dvelton <48307985+dvelton@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
* Updating the workflow to publish to the new marketplace branch
Using env vars for the branch names so that we can easily update without inlining everything as we progress through
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Foundation skill (flowstudio-power-automate-mcp) rewritten to use the
server's new tool_search and list_skills meta-tools (v1.1.5+) for
discovery instead of cataloging every tool by hand. Cut from 519 to
295 lines. New "Which Skill to Use When" intent-keyed decision tree
points at the four specialized skills.
Build/debug/governance/monitoring updated for use-case framing. Tools
that genuinely cross tiers (e.g. debug skill borrowing
get_store_flow_summary) are correct when the workflow needs them — the
split between skills is by use-case intent, not by tool partition.
Build skill: new Step 3a Resolving Dynamic Connector Values covers
get_live_dynamic_options outer-parameter auto-bridge (v1.1.6+) and the
AadGraph user-picker fallback via shared_office365users.SearchUserV2
(replaces broken builtInOperation:AadGraph.GetUsers).
Debug skill: Outlook user-picker failure note pointing at the fallback.
Monitoring skill description disambiguates from the server's monitor-flow
tool bundle (runtime control of a single flow) — this skill is
tenant-wide health analytics over the cached store.
All 5 skills validate via npm run skill:validate; line endings LF only;
codespell clean; auto-regenerated docs/README.skills.md included.
- Add shell completion section: copilot completion <bash|zsh|fish>
subcommand for static shell tab-completion scripts (v1.0.37)
- Add warning that ~/.claude/ agents/skills/commands are no longer
loaded by Copilot CLI; point to ~/.agents/ as the correct location (v1.0.36)
- Document ctrl+x → b keyboard shortcut for backgrounding running
tasks (v1.0.39)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Introduce a new github-release skill: adds skills/github-release/SKILL.md with a 9-step GitHub release workflow (gh/git-based, SemVer, Keep a Changelog guidance). Also adds reference heuristics for commit classification and SemVer decision rules, and updates docs/README.skills.md to list the new skill.
* Add ai-ready skill (wrapper)
Lightweight wrapper that installs the full ai-ready skill from
johnpapa/ai-ready and runs it. The full skill (~600 lines) analyzes
repos and generates AGENTS.md, copilot-instructions.md, CI workflows,
issue templates, and more — all customized to the repo's actual stack.
Wrapper approach keeps this repo's review surface small (30 lines)
while the source of truth stays in johnpapa/ai-ready.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: use numbered steps to satisfy skill validator
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: address Copilot review feedback
- Quote frontmatter description (YAML consistency)
- Add PowerShell install commands for cross-platform support
- Clarify that download overwrites existing copy
- Add note about pinning to a specific tag/commit
- Explicit invocation instructions (say 'make this repo ai-ready')
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* docs: add ai-ready to skills index table
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: correct ai-ready skill alphabetical order in README.skills.md
Run npm run build to fix the entry ordering that caused CI failure.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: add review step before loading downloaded skill
Address code review feedback — users should inspect the downloaded
SKILL.md before reloading skills, per supply chain safety suggestion.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* feat: add hooks authoring instruction
Add hooks.instructions.md with portable guidance for writing GitHub Copilot hooks:
- Folder structure, config schema, and all field documentation
- Script contract: stdin JSON, exit codes, stdout/stderr channels
- Payload schemas for all common events (sessionStart, sessionEnd, userPromptSubmitted, preToolUse, postToolUse, errorOccurred, agentStop)
- Per-event deny mechanisms (structured JSON for preToolUse, non-zero exit for others)
- Matcher support for host-level tool filtering
- Three impactful examples: commit gate, auto-format, dangerous command blocker
- Bash and PowerShell templates
- Cross-platform guidance (Python through both entries)
- Anti-patterns, design rules, and portability notes (GitHub Copilot vs Claude Code)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: address PR review comments
- Document both toolArgs (JSON string) and tool_input/toolInput (object) variants with defensive parsing
- Update sessionStart stdout to reflect additionalContext injection support
- Document preToolUse stdout output fields: modifiedArgs/updatedInput, additionalContext
- Add matcher field note about local verification
- Remove undocumented notification event from event table
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: address round 2 review comments
- Defensive toolArgs parsing in all 3 example scripts (handle toolArgs string, tool_input, toolInput)
- PowerShell type check: test -is [string] before ConvertFrom-Json, init to null
- commit-gate.sh: add package.json existence guard before jq
- block-dangerous.sh: truncate command in deny reason and stderr to avoid leaking secrets
- Consistent defensive parsing helper across all Bash examples
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: handle toolArgs as string or object in jq, fix short_cmd scoping
- All 3 Bash example jq blocks now check toolArgs type before fromjson
- short_cmd defined before the deny/log branch to avoid set -u error
- Consistent defensive pattern across commit-gate, format-on-save, block-dangerous
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: remove accidentally committed agency.toml
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: expand Portability Note into CLI vs VS Code vs Cloud Agent section
Address Aaron's review: replace the thin portability bullet points with
a concrete comparison table covering what is the same (config schema,
event name casing, fields) and what differs (hook loading, shell
environment, tool argument field names). Add a 'How to write portable
hooks' checklist. Separate Claude Code into its own subsection.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: simplify to toolArgs-only parsing, clean portability section
- toolArgs is the documented contract — remove tool_input/toolInput defensive
fallbacks from all examples and the Script Contract template
- Simplify portability section: same config everywhere, one-line note about
cloud agent requiring default branch
- All 3 example scripts now use simple toolArgs pipe parsing
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add pr-dashboard skill and plugin
Adds a self-contained PR dashboard skill that generates and opens a
rich HTML dashboard in the browser showing GitHub pull requests for a
given date range and role filter.
- Skill: skills/pr-dashboard/ — bundles pr-dashboard-cli.mjs,
dashboard.html, and lib/utils.mjs
- Plugin: plugins/pr-dashboard/ — makes it installable via
`copilot skill install pr-dashboard@awesome-copilot`
Requires GitHub CLI (gh) installed and authenticated.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Restore README.instructions.md to upstream sort order
macOS locale sorts Japanese/Korean C# entries differently than Linux CI.
Restore to the upstream/staged version since we don't add any instructions.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address PR review comments
- Fix regex character class bug: [-to]+ → (?:-|to) alternation in utils.mjs
- Fix 'last week' to return previous calendar week (Mon–Sun) not last 7 days
- Remove unused formatHumanDate and buildMarkdown exports from utils.mjs
- Fix ghApi error handling: rethrow with helpful message instead of silently
returning parsed JSON on failure (prevents silent auth errors)
- Add pagination to searchIssues (up to 1000 results across pages)
- Add rel="noopener noreferrer" to target=_blank links in generated rows
- HTML-escape fallback template content in renderHtml to prevent injection
- Move escapeHtml to module level so it's available before renderHtml body
- Neutralise dashboard.html template: placeholder title/h1/meta/stats/tbody
- Empty __md and filename in template (CLI populates at runtime)
- Add aria-label to search input and status/review selects
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* remove newline
* Regenerate docs/README.instructions.md
* refactor(pr-dashboard): move scripts/assets per skills spec, remove plugin
- Move pr-dashboard-cli.mjs and lib/utils.mjs into scripts/ per skills spec
- Move dashboard.html into assets/ per skills spec
- Update CLI template path and SKILL.md script path reference
- Remove plugins/pr-dashboard (redundant now that gh skills install works)
- Clean up marketplace.json and docs/README.plugins.md
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Removing search from the home pageThis was a little confusing because there are two searches, but the overall site search is a lot more powerful
* Prefilter website search by resource page
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* small error handling and formatting
* Simplify website listing controls
Remove per-page text search, trim page-specific controls, and move remaining sort/filter controls into compact flyouts.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Three agent files had a trailing comma after the last element in their
YAML flow-sequence tools arrays. When parsed, this produces an empty
string as an extra tool entry, which the Copilot API rejects with:
CAPIError: 400 Invalid 'tools[N].function.name': empty string
Affected files:
- agents/kusto-assistant.agent.md
- agents/mentoring-juniors.agent.md
- agents/address-comments.agent.md
Co-authored-by: ilderaj <>
* feat: move to xml top tags for ebtter llm parsing and structure
- Orchestrator is now purely an orchestrator
- Added new calrify phase for immediate user erequest understanding and task parsing before workflow
- Enforce review/ critic to plan instea dof 3x plan generation retries for better error handling and self-correction
- Add hins to all agents
- Optimize defitons for simplicity/ conciseness while maintaining clarity
* feat(critic): add holistic review and final review enhancements
* chore: bump marketplace version to 1.10.0
- Updated `.github/plugin/marketplace.json` to version 1.10.0.
- Revised `agents/gem-browser-tester.agent.md` to improve the BROWSER TESTER role documentation with a clearer structure, explicit role header, and organized knowledge sources section.
* refactor: streamline verification and self‑critique steps across browser‑tester, code‑simplifier, critic, and debugger agents
* feat(researcher): improve mode selection workflow and research implementation details
- Refine **Clarify** mode description to emphasize minimal research for detecting ambiguities.
- Reorder steps and clarify intent detection (`continue_plan`, `modify_plan`, `new_task`).
- Add explicit sub‑steps for presenting architectural and task‑specific clarifications.
- Update **Research** mode section with clearer initialization workflow.
- Simplify and reformat the confidence calculation comments for readability.
- Minor formatting tweaks and added blank lines for visual separation.
* Update gem-orchestrator.agent.md
* docs(gem-browser-tester): enhance BROWSER TESTER role description and clarify workflow steps- Expanded the BROWSER TESTER role with explicit responsibilities and constraints
- Reformatted the Knowledge Sources list using consistent numbered items for readability- Updated the Workflow section to detail initialization, execution, and teardown steps more clearly- Refined the Output Format and Research Format Guide structures to use proper markdown syntax
- Improved overall formatting and consistency of documentation for better maintainability
* docs: fix typo in delegation description
* Add ai-team-orchestration plugin: multi-agent dev team with Producer, Dev Team, QA agents
* fix: use kebab-case agent names to match filenames
* fix: regenerate README after agent name change
* fix: address Copilot review — add edit tools to Producer/QA, use GitHub closing keywords
* fix: update agent tools to official VS Code tool set names
Replace outdated/nonexistent tool names with current official tool sets:
- Producer: search, read, edit, web (removed nonexistent githubRepo)
- Dev Team: search, read, edit, execute, web (replaced runCommands, problems, usages, etc.)
- QA: search, read, edit, execute, web (removed nonexistent findTestFiles, runTests)
Ref: https://code.visualstudio.com/docs/copilot/reference/copilot-vscode-features#_chat-tools
* fix: remove frontmatter from plugin README per reviewer feedback
---------
Co-authored-by: Aaron Powell <me@aaron-powell.com>
* removing old scripts
* consolidated folder
* Updating usage of scripts
* Adding script to generate an open PR report, rather than making AI gen it each time
* Adding step to close old quality report discussions
- Document new HTTP hook type (v1.0.35): hooks can now POST JSON to a URL
instead of running a local command, enabling centralized audit/notification
services without distributing scripts to every developer's machine
- Document preToolUse matcher field (v1.0.36): clarify that matcher is a regex
filter on tool name; add important upgrade note about v1.0.36 behavioral fix
(previously matcher was silently ignored)
- Update Security Gating example to show matcher field targeting the bash tool
- Add HTTP hook practical example for session-end audit webhook
- Note that plugins take effect immediately after install (v1.0.35, no restart needed)
- Update lastUpdated dates on both pages
Sources:
- https://github.com/github/copilot-cli/releases/tag/v1.0.35
- https://github.com/github/copilot-cli/releases/tag/v1.0.36
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add migration guide from javax to jakarta namespace
This document provides a comprehensive guide for migrating Java code from the javax namespace to the jakarta namespace, including steps for scanning, updating dependencies, and verifying the migration.
* Add javax to jakarta migration skill entry
* fix: correct link for adding agents in CONTRIBUTING.md
removing outdated prompts-link
* feat: add Terminal Helper agent for PowerShell and Bash command assistance
* fix: rename task to validate-plugins and update command details
as collections are outdated
https://github.com/github/awesome-copilot/pull/717
* update name format for terminal helper to lowercase
* update scope description for terminal context clarity
