Copilot Cloud Agent Firewall Now Org-Level Configurable

TL;DR

• Organization admins can now manage Copilot cloud agent firewall settings across all repos instead of per-repo only
• Set org-wide defaults for firewall on/off, recommended allowlist, and custom allowlist entries
• Backward compatible — all settings default to "let each repo decide"

New

• Organization-level firewall management — Admins can now enforce or allow firewall settings across all repositories, making it easier to roll out Copilot cloud agent at scale with consistent security defaults.
• Org-wide custom allowlist — Add entries (like internal package registries) that apply to all repos without requiring per-repo configuration.
• Granular control over repo overrides — Choose whether repository admins can add their own custom allowlist entries or must stick to org settings.
• Recommended allowlist toggle — Turn GitHub's recommended allowlist on or off org-wide, or let each repo decide independently.

Details

The agent firewall protects against prompt injection and data exfiltration by controlling Copilot's internet access. Previously, only repository admins could configure it. Now organization admins have three options for each setting: enforce it org-wide, disable it org-wide, or allow repos to choose their own policy.

To get started, see Customizing the agent firewall for Copilot cloud agent in the GitHub Docs.

Source: GitHub Changelog