THREAT OPS › Threat News › GitHub Copilot Custom Instructions and Risks
GitHub Copilot Custom Instructions and Risks
<p>GitHub Copilot has the capability to be augmented with <a href="https://docs.github.com/en/copilot/customizing-copilot/adding-repository-custom-instructions-for-github-copilot">custom instructions</a> coming from the current repo, via the <code>.github/copilot-instructions.md</code> file.</p> <p><a href="https://embracethered.com/blog/images/2025/github-copilot-instructions-tn.png"><img alt="co
MITRE ATT&CK techniques
- Invisible UnicodeT1027.018
Indicators of compromise
- https://www.pillar.security/blog/new-vulnerability-in-github-copilot-and-cursor-how-hackers-can-weaponize-code-agentsurl
- https://github.blog/changelog/2025-05-01-github-now-provides-a-warning-about-hidden-unicode-text/url