Copilot injecting ads

Melbourne developer Zach Manson posted that Copilot added a hidden HTML comment tagged “START COPILOT CODING AGENT TIPS” that included a Raycast integration promo inside a pull request. (byteiota.com) One analysis claimed the promotional snippets appeared across more than 11,000 pull requests and thousands of repositories during a March 26–30 window. (byteiota.com) GitHub announced on March 25 that, starting April 24, 2026, interaction data from Copilot Free, Pro, and Pro+ users—defined as inputs, outputs, code snippets and associated context—will be used to train models by default unless users opt out. (github.blog) Community backlash over AI-generated “slop” has prompted GitHub to consider repository-level controls such as a pull-request “kill switch,” stricter collaborator-only PR limits, and more granular permissions for AI actions. (theregister.com) Third-party maintainers and projects are building countermeasures: the Coolify project published an “Anti Slop” GitHub Action that its developer says would block roughly 98% of low-quality AI PRs, and the Gentoo distribution has begun migrating some repos off GitHub to alternatives like Codeberg. (devclass.com) Security researchers and prior disclosures underscore risk to private code: a June 2025 Copilot Chat vulnerability was reported with a CVSS score near 9.6 for exfiltration via prompt-injection techniques, illustrating how hidden instructions in PRs can become an attack vector. (gbhackers.com) The discovery sparked heavy community discussion, with the initial report trending on Hacker News (reported as 825 points and 252 comments) and amplifying concerns about monetization, privacy, and agent-driven automation across developer workflows. (byteiota.com)