Github Copilot
AI Agent Reliability Report
Failure Modes
Root Causes
Frequently Asked Questions
Is Github Copilot reliable?
Based on 4 documented incidents, Github Copilot has an average failure severity of 10.0/10. 4 incidents were rated critical and 0 were rated high severity. Common failure modes include security vulnerability.
What are the most common Github Copilot failures?
The most frequently documented Github Copilot failure modes are: security vulnerability (4 incidents). These failures range from critical to high severity.
How many Github Copilot AI failures have been documented?
StupidLLM has documented 4 Github Copilot AI agent failures. Each incident is severity-scored on a 0-10 scale, verified against source evidence, and categorized by failure mode and root cause.
All Github Copilot Incidents
Copilot autocompleted AWS credentials into public repository
While a developer was writing an AWS configuration file, Copilot suggested a completion that included what appeared to be real AWS access keys. The developer accepted the suggestio
GitHub Copilot suggested 2,702 valid secrets — 33% of extracted keys were real, live credentials
Research from GitGuardian and the Chinese University of Hong Kong showed GitHub Copilot regurgitating real secrets memorized from its training data. Across 8,127 Copilot suggestion
CamoLeak: hidden prompt injection turned GitHub Copilot Chat into a silent code/secret exfiltration channel (CVSS 9.6)
Security researcher Omer Mayraz of Legit Security disclosed CamoLeak, a critical (CVSS 9.6) vulnerability in GitHub Copilot Chat discovered in June 2025. By planting hidden prompt-
Rule Files Backdoor: hidden Unicode in config files made Copilot and Cursor emit malicious code
Researchers at Pillar Security disclosed a technique they named the 'Rule Files Backdoor' affecting GitHub Copilot and Cursor. By embedding hidden instructions — using invisible Un