github GitHub Changelog ·

GitHub Copilot app adds security reviews in public preview

securitypreviewengineer
feature announcement

GitHub Copilot app now offers AI-driven security reviews for code changes using the `/security-review` command, currently in public preview. This feature aims to catch high-impact vulnerabilities and provide actionable suggestions before code is committed, complementing existing GitHub security tools. It is available to all Copilot users during the preview period.

  • AI-powered security reviews available in GitHub Copilot app
  • Security reviews provide findings and actionable suggestions
  • Security scanning tuned for common vulnerability classes
  • Security reviews complement existing GitHub security tools
  • How to try the new security review feature
Features (3)
  • AI-powered security reviews available in GitHub Copilot app

    A new `/security-review` slash command allows users to scan in-flight code changes for security vulnerabilities directly within the GitHub Copilot app. The feature is currently shipping in public preview.

  • Security reviews provide findings and actionable suggestions

    The `/security-review` command analyzes current code changes to identify high-confidence security findings scored by severity and confidence. It offers actionable suggestions for remediation directly within Copilot, allowing for reverification without leaving the coding environment.

  • Security scanning tuned for common vulnerability classes

    The scan is designed to detect common, high-impact vulnerability types including injection flaws, cross-site scripting (XSS), insecure data handling, path traversal, and weak cryptography.

Notes (2)
  • Security reviews complement existing GitHub security tools

    This new command offers a lightweight, on-demand check for local changes, acting as a complement to GitHub's established tools like code scanning, Dependabot, and secret scanning.

  • How to try the new security review feature

    Users can try the `/security-review` command by opening a project in the Copilot app, making code changes, and then executing the command. It is available to Copilot Free, Pro, Business, and Enterprise users during the public preview.

Read the original announcement →

https://github.blog/changelog/2026-07-14-security-reviews-now-available-in-the-github-copilot-app

Related releases