Agent skill

copilot-coding-agent

GitHub Copilot Coding Agent automation. Apply the ai-copilot label to an issue → GitHub Actions auto-assigns Copilot via GraphQL → Copilot creates a Draft PR. One-click issue-to-PR pipeline.

View SKILL.md on GitHub Repository
Stars 0
Forks 0

Install this agent skill to your Project

npx add-skill https://github.com/autohandai/community-skills/tree/main/copilot-coding-agent

Metadata

Additional technical details for this skill

tags
copilot, copilotview, github-actions, issue-to-pr, draft-pr, graphql, automation, ai-agent
source
https://docs.github.com/en/copilot/how-tos/use-copilot-agents/coding-agent
keyword
copilotview
version
1.0.0
platforms
Claude, Codex, Gemini

SKILL.md

GitHub Copilot Coding Agent — Issue → Draft PR automation

If you add the ai-copilot label to an issue, GitHub Actions automatically assigns it to Copilot, and Copilot creates a branch → writes code → opens a Draft PR.

When to use this skill

  • When PMs/designers create issues and Copilot starts implementation without a developer
  • When offloading backlog issues (refactors/docs/tests) to Copilot
  • When delegating follow-up work created by Vibe Kanban / Conductor to Copilot
  • When automating pipelines like Jira → GitHub Issue → Copilot PR

Prerequisites

  • GitHub plan: Copilot Pro+, Business, or Enterprise
  • Copilot Coding Agent enabled: Must be enabled in repo settings
  • gh CLI: Authenticated
  • PAT: Personal Access Token with repo scope

One-time setup

bash
# One-click setup (register token + deploy workflow + create label)
bash scripts/copilot-setup-workflow.sh

This script does:

  1. Register COPILOT_ASSIGN_TOKEN as a repo secret
  2. Deploy .github/workflows/assign-to-copilot.yml
  3. Create the ai-copilot label

Usage

Option 1: GitHub Actions automation (recommended)

bash
# Create issue + ai-copilot label → auto-assign Copilot
gh issue create \
  --label ai-copilot \
  --title "Add user authentication" \
  --body "Implement JWT-based auth with refresh tokens. Include login, logout, refresh endpoints."

Option 2: Add a label to an existing issue

bash
# Add label to issue #42 → trigger Actions
gh issue edit 42 --add-label ai-copilot

Option 3: Assign directly via script

bash
export COPILOT_ASSIGN_TOKEN=<your-pat>
bash scripts/copilot-assign-issue.sh 42

How it works (technical)

Issue created/labeled
    ↓
GitHub Actions triggered (assign-to-copilot.yml)
    ↓
Look up Copilot bot ID via GraphQL
    ↓
replaceActorsForAssignable → set Copilot as assignee
    ↓
Copilot Coding Agent starts processing the issue
    ↓
Create branch → write code → open Draft PR
    ↓
Auto-assign you as PR reviewer

Required GraphQL header:

GraphQL-Features: issues_copilot_assignment_api_support,coding_agent_model_selection

GitHub Actions workflows

Workflow Trigger Purpose
assign-to-copilot.yml Issue labeled ai-copilot Auto-assign to Copilot
copilot-pr-ci.yml PR open/update Run CI (build + tests)

Copilot PR limitations

Copilot is treated like an external contributor.

  • PRs are created as Draft by default
  • Before the first Actions run, a manual approval from someone with write access is required
  • After approval, copilot-pr-ci.yml CI runs normally
bash
# Check CI after manual approval
gh pr list --search 'head:copilot/'
gh pr view <pr-number>

planno (plannotator) integration — optional

Review the issue spec in planno before assigning to Copilot (independent skill, not required):

text
Review and approve this issue spec in planno

After approval, add the ai-copilot label → trigger Actions.

Common use cases

1. Label-based Copilot queue

PM writes an issue → add ai-copilot label
→ Actions auto-assigns → Copilot creates Draft PR
→ Team only performs PR review

2. Combined with Vibe Kanban / Conductor

Follow-up issues created by Vibe Kanban:
  refactors/docs cleanup/add tests
  → ai-copilot label → Copilot handles
→ Team focuses on main feature development

3. External system integration

Jira issue → Zapier/webhook → auto-create GitHub Issue
→ ai-copilot label → Copilot PR
→ Fully automated pipeline

4. Refactoring backlog processing

bash
# Bulk-add label to backlog issues
gh issue list --label "tech-debt" --json number \
  | jq '.[].number' \
  | xargs -I{} gh issue edit {} --add-label ai-copilot

Check results

bash
# List PRs created by Copilot
gh pr list --search 'head:copilot/'

# Specific issue status
gh issue view 42

# PR CI status
gh pr checks <pr-number>

References

Quick Reference

=== Setup ===
bash scripts/copilot-setup-workflow.sh   one-time setup

=== Issue assignment ===
gh issue create --label ai-copilot ...  new issue + auto-assign
gh issue edit <num> --add-label ai-copilot  existing issue
bash scripts/copilot-assign-issue.sh <num>  manual assign

=== Verify results ===
gh pr list --search 'head:copilot/'    Copilot PR list
gh pr view <num>                        PR details
gh pr checks <num>                      CI status

=== Constraints ===
Copilot Pro+/Business/Enterprise required
First PR requires manual approval (treated as an external contributor)
PAT: repo scope required

Recommended Agent Skills

Expand your agent's capabilities with these related and highly-rated skills.

autohandai/community-skills

mapping-mitre-attack-techniques

Maps observed adversary behaviors, security alerts, and detection rules to MITRE ATT&CK techniques and sub-techniques to quantify detection coverage and guide control prioritization. Use when building an ATT&CK-based coverage heatmap, tagging SIEM alerts with technique IDs, aligning security controls to adversary playbooks, or reporting threat exposure to executives. Activates for requests involving ATT&CK Navigator, Sigma rules, MITRE D3FEND, or coverage gap analysis.

0 0
Explore
autohandai/community-skills

hunting-for-spearphishing-indicators

Hunt for spearphishing campaign indicators across email logs, endpoint telemetry, and network data to detect targeted email attacks.

0 0
Explore
autohandai/community-skills

analyzing-malicious-url-with-urlscan

URLScan.io is a free service for scanning and analyzing suspicious URLs. It captures screenshots, DOM content, HTTP transactions, JavaScript behavior, and network connections of web pages in an isolat

0 0
Explore
autohandai/community-skills

implementing-zero-standing-privilege-with-cyberark

Deploy CyberArk Secure Cloud Access to eliminate standing privileges in hybrid and multi-cloud environments using just-in-time access with time, entitlement, and approval controls.

0 0
Explore
autohandai/community-skills

implementing-pam-for-database-access

Deploy privileged access management for database systems including Oracle, SQL Server, PostgreSQL, and MySQL. Covers session proxy configuration, credential vaulting, query auditing, dynamic credentia

0 0
Explore
autohandai/community-skills

detecting-t1003-credential-dumping-with-edr

Detect OS credential dumping techniques targeting LSASS memory, SAM database, NTDS.dit, and cached credentials using EDR telemetry, Sysmon process access monitoring, and Windows security event correlation.

0 0
Explore

Didn't find tool you were looking for?

Be as detailed as possible for better results