GitHub Copilot CLI Becomes Generally Available Amid Security Flaw

GitHub Copilot CLI is now generally available for all paid subscribers, offering an agentic development environment in the terminal for tasks like generating commands and authoring scripts. The launch coincides with a report detailing a vulnerability, dubbed "RoguePilot," which demonstrates how a malicious GitHub issue or pull request can be used to hijack a user's Copilot session, increasing the attack surface for development teams.

- The public preview for the GitHub Copilot CLI was launched in September 2025, with general availability for all paid subscribers announced on March 21, 2024.
- The "RoguePilot" vulnerability was a form of indirect prompt injection discovered by security researchers at Orca Security. It allowed attackers to embed malicious instructions within a GitHub issue, which would then be automatically processed by Copilot in a Codespaces environment to leak sensitive data like GITHUB_TOKENs.
- Microsoft has patched the specific "RoguePilot" vulnerability following responsible disclosure from Orca Security.
- Prompt injection, in general, is recognized as a primary security vulnerability for Large Language Model (LLM) applications, as it exploits the model's inability to reliably distinguish between system instructions and user-provided data.
- The attack surface for AI coding assistants is a growing concern, as malicious prompts can be hidden in various files like documentation or code comments, which the AI assistant processes as part of its context-gathering.
- GitHub Copilot CLI entered a competitive market of terminal-based AI assistants, with existing tools from competitors like Claude, Codex, and Gemini already available.
- During its public preview, the Copilot CLI defaulted to using Claude Sonnet 4, with the option for users to switch to GPT-5 by setting an environment variable, indicating a multi-model backend.
- The vulnerability highlights a fundamental challenge in AI-assisted development: the trust boundary between the AI assistant, the code, and the developer's environment is easily exploitable with simple, carefully crafted text.
