GitHub Copilot Integration Guide

Overview

GitHub Copilot is a broad enterprise AI coding surface across VS Code, Visual Studio, JetBrains IDEs, Xcode, Eclipse, Vim/Neovim, and Azure Data Studio. Cup’n’String provides governance around network egress, policy attribution, MCP or tool activity where available, and local secret exposure.

Support level

Native policy profile across supported IDEs

What Cup’n’String detects

• Copilot-capable IDEs
• Known Copilot extension processes/configurations
• Agent-mode capable environments where observable

What it governs

• Approved/blocked provider access
• Local file and secret exposure patterns
• Agent mode network and local-service access

Recommended policies

• Define approved Copilot-enabled IDEs
• Audit agent mode
• Restrict MCP/tool access to approved registries/servers

Setup outline

1. Ensure the Cup’n’String agent daemon is running.
2. The agent automatically applies the Copilot policy profile to any active Copilot sessions on the workstation.
3. Configure your Copilot credentials and endpoints to align with corporate access policy.

Verification

Use Copilot chat or agent mode to trigger an outbound network call, and verify it is captured and attributed to Copilot in the dashboard logs.

Troubleshooting

If chat traffic isn’t captured, ensure the client IDE isn’t ignoring the system proxy configurations.

Known limitations

Copilot internals vary by host IDE.