Skip to main content
HashnodePeter WalkerPeter Walker

Command Palette

Search for a command to run...

Copilot Content Exclusion Example

Published
1 min read
Copilot Content Exclusion Example
P
Peter Walker
Part of seriesAI Security Best Practices

Copilot Content Exclusion

Copilot has been great for our org, but it's a good idea to use a Content Exclusion policy to your GitHub repository settings to specify content that Copilot should ignore. With the increased use of the GitHub Copilot agent comes the need to keep things more secure. Read more from GitHub Docs

Example Content Exclusion config file

The first lines ensures that this is applied to all repos in your GitHub org. I like this method as well because it clearly defines line by line what should be excluded.

"*":
  - "**/.env"
  - "**/.env.*"
  - "**/.aws/credentials"
  - "**/.github/secrets/"
  - "**/secrets.json"
  - "**/*_history" # Shell history files
  # --- Terraform files ---
  - "**/.terraform/"
  - "**/*.tfvars"
  # --- Cetificate files ---
  - "**/*.pem"
  - "**/*.key"
  - "**/*.p12"
  - "**/*.crt"
  # --- .NET files ---
  - "**/secrets.json"
  - "**/appsettings.*.json"
  - "**/*.pubxml"
  - "**/*.pubxml.user"
  - "**/*.user"
  - "**/*.suo"
  # --- Kubernetes files ---
  - "**/secrets/*.yaml"
  - "**/sealed-secrets/*.yaml"
  - "**/.kube/config"
#copilot#ai#ai-security#security#genai#microsoft#ai-agent#github#github-agent#devops#repository#reposecurity
25 views

AI Security Best Practices

Part 1 of 1

This series explores some of the best practices around securing your AI usage with Copilot being the main focus.

More from this blog

P

Peter Walker

8 posts