Organization firewall settings for Copilot cloud agent
Copilot cloud agent includes a built-in agent firewall to control Copilot s internet access and help protect against prompt injection and data exfiltration. Until now, the firewall was configured at the The post Organization firewall settings for Copilot cloud agent appeared first on The GitHub Blog .
Copilot cloud agent includes a built-in agent firewall to control Copilot’s internet access and help protect against prompt injection and data exfiltration. Until now, the firewall was configured at the repository level by repository admins.
Organization admins can now manage the agent firewall across all repositories in their organization. This makes it easier to roll out Copilot cloud agent at scale with the right defaults and guardrails for your needs. Organization admins can:
-
Turn the firewall on or off across all repositories, or allow each repository to decide.
-
Turn the recommended allowlist on or off across all repositories, or allow each repository to decide.
-
Add entries to an organization-wide custom allowlist, covering all repositories (e.g., allowing access to an internal package registry).
-
Control whether repository admins are allowed to add their own custom allowlist entries.
By default, all settings allow each repository to decide, preserving existing behavior.
To learn more, see “Customizing the agent firewall for Copilot cloud agent” in the GitHub Docs.
Subscribe to our developer newsletter
Discover tips, technical guides, and best practices in our biweekly newsletter just for devs.
Back to top
GitHub Copilot Changelog
https://github.blog/changelog/2026-04-03-organization-firewall-settings-for-copilot-cloud-agentSign in to highlight and annotate this article
Conversation starters
Daily AI Digest
Get the top 5 AI stories delivered to your inbox every morning.
More about
copilotagentgithub
GPT-5.1 Codex, GPT-5.1-Codex-Max, and GPT-5.1-Codex-Mini deprecated
We have deprecated the following models across all GitHub Copilot experiences (including Copilot Chat, inline edits, ask and agent modes, and code completions) on April 1, 2026. Model Deprecation date The post GPT-5.1 Codex, GPT-5.1-Codex-Max, and GPT-5.1-Codex-Mini deprecated appeared first on The GitHub Blog .
Knowledge Map
Connected Articles — Knowledge Graph
This article is connected to other articles through shared AI topics and tags.
More in Products
Take-Two lays off AI team members weeks after "embracing" generative AI
The revelation came from Luke Dicken, who was made Take-Two's Head of AI in early 2025. He wrote in a LinkedIn post that "It's truly disappointing that I have to share with you that my time with T2 – and that of my team – has come to an end." Read Entire Article
AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech
See what you missed in Daily Tech Insider from March 30–April 3. The post AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech appeared first on TechRepublic .
Marc Andreessen on AI Winters and Agent Breakthroughs
This episode originally aired on the Latent Space Podcast. swyx and Alessio Fanelli speak with Marc Andreessen about the arc of AI from its origins in 1943 to today's breakthroughs in reasoning, coding agents, and self-improvement. They cover the parallels between AI scaling laws and Moore's Law, the architectural insight behind Claude Code and the Unix shell, the coming supply crunch in compute, and why the messy reality of 8 billion people means both AI utopians and doomers are too optimistic about the pace of change. Follow Marc Andreessen on X: https://twitter.com/pmarca Follow Shawn "swyx" Wang on X: https://twitter.com/swyx Follow Alessio Fanelli on X: https://twitter.com/FanaHOVA Listen to Latent Space . Stay Updated: Find a16z on YouTube: YouTube Find a16z on X Find a16z on LinkedI
Discussion
Sign in to join the discussion
No comments yet — be the first to share your thoughts!