mirror of
https://github.com/github/awesome-copilot.git
synced 2026-03-19 15:45:12 +00:00
7446df7054
* Tool Guardian Hook Add Tool Guardian hook for blocking dangerous tool operations Introduces a preToolUse hook that scans Copilot agent tool invocations against ~20 threat patterns (destructive file ops, force pushes, DB drops, permission abuse, network exfiltration) and blocks or warns before execution. * Address review feedback: move hook to .github/, remove accidental log file - Move hooks/tool-guardian/ to .github/hooks/tool-guardian/ - Remove accidentally committed guard.log - Update all path references in README.md * Move log directory to .github/, revert hook files back to hooks/ - Revert hook files from .github/hooks/ back to hooks/tool-guardian/ - Update default log path to .github/logs/copilot/tool-guardian/ - Update all path references in README.md and hooks.json
40 lines
2.8 KiB
Markdown
40 lines
2.8 KiB
Markdown
# 🪝 Hooks
|
|
|
|
Hooks enable automated workflows triggered by specific events during GitHub Copilot coding agent sessions, such as session start, session end, user prompts, and tool usage.
|
|
### How to Contribute
|
|
|
|
See [CONTRIBUTING.md](../CONTRIBUTING.md#adding-hooks) for guidelines on how to contribute new hooks, improve existing ones, and share your use cases.
|
|
|
|
### How to Use Hooks
|
|
|
|
**What's Included:**
|
|
- Each hook is a folder containing a `README.md` file and a `hooks.json` configuration
|
|
- Hooks may include helper scripts, utilities, or other bundled assets
|
|
- Hooks follow the [GitHub Copilot hooks specification](https://docs.github.com/en/copilot/how-tos/use-copilot-agents/coding-agent/use-hooks)
|
|
|
|
**To Install:**
|
|
- Copy the hook folder to your repository's `.github/hooks/` directory
|
|
- Ensure any bundled scripts are executable (`chmod +x script.sh`)
|
|
- Commit the hook to your repository's default branch
|
|
|
|
**To Activate/Use:**
|
|
- Hooks automatically execute during Copilot coding agent sessions
|
|
- Configure hook events in the `hooks.json` file
|
|
- Available events: `sessionStart`, `sessionEnd`, `userPromptSubmitted`, `preToolUse`, `postToolUse`, `errorOccurred`
|
|
|
|
**When to Use:**
|
|
- Automate session logging and audit trails
|
|
- Auto-commit changes at session end
|
|
- Track usage analytics
|
|
- Integrate with external tools and services
|
|
- Custom session workflows
|
|
|
|
| Name | Description | Events | Bundled Assets |
|
|
| ---- | ----------- | ------ | -------------- |
|
|
| [Dependency License Checker](../hooks/dependency-license-checker/README.md) | Scans newly added dependencies for license compliance (GPL, AGPL, etc.) at session end | sessionEnd | `check-licenses.sh`<br />`hooks.json` |
|
|
| [Governance Audit](../hooks/governance-audit/README.md) | Scans Copilot agent prompts for threat signals and logs governance events | sessionStart, sessionEnd, userPromptSubmitted | `audit-prompt.sh`<br />`audit-session-end.sh`<br />`audit-session-start.sh`<br />`hooks.json` |
|
|
| [Secrets Scanner](../hooks/secrets-scanner/README.md) | Scans files modified during a Copilot coding agent session for leaked secrets, credentials, and sensitive data | sessionEnd | `hooks.json`<br />`scan-secrets.sh` |
|
|
| [Session Auto-Commit](../hooks/session-auto-commit/README.md) | Automatically commits and pushes changes when a Copilot coding agent session ends | sessionEnd | `auto-commit.sh`<br />`hooks.json` |
|
|
| [Session Logger](../hooks/session-logger/README.md) | Logs all Copilot coding agent session activity for audit and analysis | sessionStart, sessionEnd, userPromptSubmitted | `hooks.json`<br />`log-prompt.sh`<br />`log-session-end.sh`<br />`log-session-start.sh` |
|
|
| [Tool Guardian](../hooks/tool-guardian/README.md) | Blocks dangerous tool operations (destructive file ops, force pushes, DB drops) before the Copilot coding agent executes them | preToolUse | `guard-tool.sh`<br />`hooks.json` |
|