GitHub Copilot
Vectimus governs GitHub Copilot through its native hook system. Both VS Code Copilot Agent and GitHub Copilot CLI formats are supported.
Setup
vectimus init
If GitHub Copilot is detected (VS Code or the github-copilot-cli binary is available), vectimus init writes the hook configuration automatically.
The generated config lives at .github/hooks/vectimus.json in your project directory:
{
  "hooks": {
    "PreToolUse": [
      {
        "type": "command",
        "command": "vectimus hook --source copilot"
      }
    ]
  }
}
If you already have hooks configured, Vectimus merges its hook with your existing ones. Your custom hooks are preserved.
How it works
- Copilot fires the PreToolUse hook before every tool call
- The hook sends the tool name and arguments to vectimus hook via stdin as JSON
- Vectimus normalises the payload, evaluates it against Cedar policies and returns a decision
- On deny, Vectimus exits with code 2 and writes the rejection reason to stderr
- Copilot blocks the tool call
Payload formats
Vectimus handles both payload formats automatically:
VS Code Copilot Agent (snake_case):
{
  "tool_name": "run_shell_command",
  "tool_input": { "command": "rm -rf /tmp/build" }
}
GitHub Copilot CLI (camelCase):
{
  "toolName": "run_shell_command",
  "toolArgs": "{\"command\": \"rm -rf /tmp/build\"}"
}
The same Cedar policies that govern Claude Code and Cursor apply here. No policy changes needed.
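An added example (not Vectimus's own code) of normalising the two payload shapes above into one form before policy evaluation, returning the deny exit code 2 when the payload cannot be parsed. The names normalise, exit_code_for and MalformedPayload are hypothetical, and treating a malformed or ambiguous payload as a deny is an assumption of this example.

```python
import json

DENY_EXIT_CODE = 2  # per the page: on deny the hook exits with code 2

# The two payloads shown above, as the hook would read them from stdin.
VSCODE = '{"tool_name": "run_shell_command", "tool_input": {"command": "rm -rf /tmp/build"}}'
CLI = r'{"toolName": "run_shell_command", "toolArgs": "{\"command\": \"rm -rf /tmp/build\"}"}'


class MalformedPayload(ValueError):
    """Raised when a hook payload matches neither documented shape."""


def normalise(raw: str) -> dict:
    """Map either Copilot payload shape to {"tool": str, "args": dict}."""
    try:
        payload = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise MalformedPayload(f"stdin is not JSON: {exc}") from exc
    if not isinstance(payload, dict):
        raise MalformedPayload("payload must be a JSON object")
    if "tool_name" in payload and "toolName" in payload:
        raise MalformedPayload("ambiguous: both tool_name and toolName present")
    if "tool_name" in payload:    # VS Code Copilot Agent (snake_case)
        tool, args = payload["tool_name"], payload.get("tool_input", {})
    elif "toolName" in payload:   # GitHub Copilot CLI (camelCase)
        tool, args = payload["toolName"], payload.get("toolArgs", "{}")
        if not isinstance(args, str):
            raise MalformedPayload("toolArgs must be a JSON-encoded string")
        try:
            args = json.loads(args)  # arguments arrive as JSON inside a string
        except json.JSONDecodeError as exc:
            raise MalformedPayload(f"toolArgs is not JSON: {exc}") from exc
    else:
        raise MalformedPayload("no tool name field")
    if not isinstance(tool, str) or not isinstance(args, dict):
        raise MalformedPayload("tool must be a string and args an object")
    return {"tool": tool, "args": args}


def exit_code_for(raw: str) -> int:
    """Fail closed: an unparseable payload is denied, never waved through."""
    try:
        normalise(raw)
    except MalformedPayload:
        return DENY_EXIT_CODE
    return 0  # in a real hook, policy evaluation would run at this point
```

Both sample payloads normalise to the same dictionary, which is why one policy set can cover both clients.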
Config file protection
Vectimus includes a policy (vectimus-fileint-010) that protects its own hook config files at .github/hooks/*. Agents cannot modify these files.
Observe mode
To trial Vectimus without blocking:
vectimus observe on
All decisions are logged to ~/.vectimus/logs/ but tool calls proceed normally. Review the audit log, then switch to enforcement:
vectimus observe off
Performance and audit
The evaluation daemon auto-starts on the first hook call and keeps the Cedar engine warm in memory, reducing latency from ~200ms to under 10ms. Every evaluation produces an Ed25519-signed governance receipt stored in .vectimus/receipts/. Receipts are retained for 7 days by default (configurable via [receipts] retention_days in config). Use vectimus verify to validate receipts offline and vectimus receipts prune for manual cleanup.
Remove hooks
vectimus remove
This strips Vectimus entries from .github/hooks/vectimus.json while preserving your other hooks.