When Copilot coding agent opens a pull request or pushes changes, Copilot is treated like an outside contributor in an open source project. GitHub Actions workflows do not run until approved by a human with the Approve and run workflows button.

This helps protect you from security risks, given that GitHub Actions workflows may have access to tokens, secrets, or repository permissions, depending on your configuration. However, it slows down the feedback loop for validating Copilot’s work and finding out if tests pass.

In some repositories, you may want GitHub Actions workflows to run automatically so you can iterate more quickly, despite the risks.

We’ve added a new repository setting to allow repository administrators to skip the human approval so workflows run immediately. By default, as before, we’ll require approval from a human before workflows run.

To learn more, see “Configuring settings for GitHub Copilot coding agent” in the GitHub Docs.