Organization firewall settings for Copilot cloud agent

Copilot cloud agent includes a built-in agent firewall to control Copilot’s internet access and help protect against prompt injection and data exfiltration. Until now, the firewall was configured at the repository level by repository admins.

Organization admins can now manage the agent firewall across all repositories in their organization. This makes it easier to roll out Copilot cloud agent at scale with the right defaults and guardrails for your needs. Organization admins can:

Turn the firewall on or off across all repositories, or allow each repository to decide.
Turn the recommended allowlist on or off across all repositories, or allow each repository to decide.
Add entries to an organization-wide custom allowlist, covering all repositories (e.g., allowing access to an internal package registry).
Control whether repository admins are allowed to add their own custom allowlist entries.

By default, all settings allow each repository to decide, preserving existing behavior.

To learn more, see “Customizing the agent firewall for Copilot cloud agent” in the GitHub Docs.

JUN.17Release
Auto mode in Copilot Chat available for all users
- Copilot
JUN.17Release
Agent finder for GitHub Copilot now available
- Copilot
JUN.17Release
Copilot individual plan sign-ups are reopening
- Copilot
JUN.17Release
GitHub Copilot app generally available
- Copilot
JUN.12Improvement
Copilot code review: New configurations and controls
- Copilot
JUN.11Release
Agentic workflows no longer need a personal access token
- Copilot
JUN.10Release
Copilot Chat now sees your agent sessions
- Copilot
JUN.9Release
Claude Fable 5 is generally available for GitHub Copilot
- Copilot
JUN.5Retired
GPT-5.2 and GPT-5.2-Codex deprecated
- Copilot

Organization firewall settings for Copilot cloud agent

Related Posts

Subscribe to our developer newsletter