A team reviews whether the local agent session and repository setup provide a safe execution context. The repository is cloned to ~/work/payments-api, and the developer wants Copilot CLI to make only repository-scoped changes. Evaluate the following statements. 1. Starting from the repository path is safer than starting from the home directory. 2. The untracked customer export should be removed or isolated before the agent session. 3. The prompt fully prevents Copilot CLI from accessing unwanted local files.
pwd
# /Users/dev/work/payments-api
git status --short
# M .github/workflows/validate-pr.yml
# ?? tmp/customer-export.csv
copilot
# Prompt:
# Fix the failed validate-pr workflow and update tests.
# Do not inspect customer data files.
# After changes, show git diff and run npm test.Choose an answer
Tap an option to check your answer.
Correct answer: 1=Yes 2=Yes 3=No.
Why this is the answer
Statement 1 is correct because starting the agent session from the repository path (~/work/payments-api) restricts the agent's initial scope to that directory, making it less likely to accidentally access files outside the intended project. Statement 2 is correct because the tmp/customer-export.csv file is untracked and contains sensitive data. Removing or isolating it prevents accidental inspection or modification by the agent, enhancing security. Statement 3 is incorrect. While the prompt includes "Do not inspect customer data files," natural language prompts are not a foolproof security mechanism. An agent might still access or process such files if its underlying models or tools interpret the instruction imperfectly or if other directives override it. Relying solely on a prompt for file access control is insufficient.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed