A Copilot coding agent was assigned the issue “Enforce account-lockout after five failed sign-in attempts.” The PR workflow passed, but reviewers found that the code only added a warning message and did not enforce lockout. Which option best explains the evaluation gap? Select one answer.
Workflow: agent-pr-evaluation
Event: pull_request
Actor: github-copilot[bot]
PR title: feat: add failed sign-in warning
Issue acceptance criteria:
- Lock account after five failed sign-in attempts
- Return AUTH_ACCOUNT_LOCKED on the sixth attempt
- Add regression coverage for lockout behaviour
Changed files:
docs/authentication.md
src/auth/messages.ts
Jobs:
markdown-lint: success
unit-tests:
command: npm test -- --changed
result: success
matched test files: none
code-style: success
No job matched tests/auth/lockout.spec.ts
No status check validated AUTH_ACCOUNT_LOCKED
Check conclusion: successChoose an answer
Tap an option to check your answer.
Correct answer: The checks did not prove lockout behaviour.
Why this is the answer
The checks did not prove lockout behavior because the unit tests job reported "matched test files: none," indicating no tests specifically covered the new lockout functionality. Furthermore, the note "No status check validated AUTHACCOUNTLOCKED" confirms that the critical return message for a locked account was not verified. While the workflow passed, it only validated general code quality and the presence of a warning message, not the core requirement of enforcing an account lockout. Running the workflow only after merge would be too late to catch the issue. The issue label is irrelevant to check execution. Copilot reactions are for interaction, not evaluation.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed