Skills copilot-sdk
📦

copilot-sdk

Safe

Build AI Apps with GitHub Copilot SDK

Developers need programmatic access to GitHub Copilot for custom AI workflows. This SDK provides session management, custom tools, hooks, and MCP integration across Node.js, Python, Go, and .NET.

Supports: Claude Codex Code(CC)
📊 71 Adequate
1

Download the skill ZIP

2

Upload in Claude

Go to Settings → Capabilities → Skills → Upload skill

3

Toggle on and start using

Test it

Using "copilot-sdk". Create a session and ask Copilot to explain a Python function

Expected outcome:

Session created with gpt-4.1 model. Copilot analyzes the function and provides a detailed explanation of its purpose, parameters, return value, and potential improvements.

Using "copilot-sdk". Define a weather tool and ask Copilot about conditions in a city

Expected outcome:

Custom tool registered. When asked about weather, Copilot calls the tool and returns structured data including city, temperature, and conditions.

Using "copilot-sdk". Enable streaming and request a code review

Expected outcome:

Response streams token-by-token in real-time. Code review feedback appears progressively with syntax highlighting and inline suggestions.

Security Audit

Safe
v1 • 2/24/2026

All 192 static analysis findings are false positives. The scanner misinterpreted markdown code block delimiters (```) as shell backtick execution. The file contains documentation examples only, not executable code. URLs are reference links, environment variable mentions document authentication patterns. No actual security risks detected.

1
Files scanned
516
Lines analyzed
0
findings
1
Total audits
No security issues found
Audited by: claude

Quality Score

38
Architecture
100
Maintainability
87
Content
32
Community
100
Security
87
Spec Compliance

What You Can Build

AI-Powered Development Tools

Build IDE extensions or CLI tools that leverage Copilot for code generation, review, and refactoring with custom tool integrations.

Automated Code Review Systems

Create custom agents for pull request analysis, security scanning, and best practices validation with automated feedback.

Multi-Agent Workflows

Orchestrate specialized AI agents for different tasks like documentation, testing, and deployment using MCP server integration.

Try These Prompts

Basic Session Creation 
Create a CopilotClient, start a session with the gpt-4.1 model, and send a message asking for code explanation.
Custom Tool Integration 
Define a custom tool that retrieves file contents from the filesystem, then create a session that can use this tool to answer questions about project files.
Streaming with Event Handlers 
Set up a streaming session that displays real-time responses, handles assistant message deltas, and logs session idle events.
MCP Server and Hooks 
Configure a session with an MCP server for GitHub API access, add hooks to control shell command permissions, and implement custom error handling.

Best Practices

  • Use hooks to implement permission controls for sensitive operations like shell commands and file access
  • Enable debug logging during development to troubleshoot connection and authentication issues
  • Use session persistence with custom IDs for long-running workflows that may exceed context limits

Avoid

  • Hardcoding GitHub tokens in source code instead of using environment variables
  • Creating new sessions for every request instead of reusing sessions for related tasks
  • Ignoring permission requests and auto-approving all tool calls without validation

Frequently Asked Questions

What is the difference between Copilot SDK and Copilot CLI?
The CLI is a command-line interface for direct user interaction. The SDK wraps the CLI to enable programmatic access for building applications that integrate Copilot capabilities.
Do I need a GitHub Copilot subscription to use the SDK?
A subscription is required for standard GitHub Copilot models. However, you can use BYOK (Bring Your Own Key) to connect to alternative providers like Azure OpenAI or Anthropic without a Copilot subscription.
How do I handle authentication for the SDK?
Authentication priority: 1) Explicit githubToken in constructor, 2) COPILOT_GITHUB_TOKEN environment variable, 3) GH_TOKEN or GITHUB_TOKEN, 4) Stored OAuth from copilot auth login, 5) GitHub CLI credentials.
Can I use the SDK with local AI models?
Yes. Use the BYOK provider configuration with Ollama or other local model servers. Set provider type to 'openai' and specify your local endpoint URL.
What are MCP servers and how do I use them?
MCP (Model Context Protocol) servers provide pre-built tools via standardized interfaces. Configure mcpServers in session config with either HTTP URLs for remote servers or local command configurations for stdio servers.
How do I prevent unauthorized tool execution?
Use the onPreToolUse hook to intercept tool calls. Return permissionDecision: 'deny' with a reason for blocked operations. Auto-approve only trusted tools like git commands.

Developer Details

Author

sickn33

License

MIT

Repository

https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/copilot-sdk

Ref

main

File structure

📄 SKILL.md