GitHub Certification Exam Answers
Verified answers and clear explanations for every GitHub certification exam. Browse by exam below, or practice the full set on ExamRoll.io.
Github GH-600 Agentic AI Developer Certification All exam questions
- A Copilot cloud agent created a branch and draft pull request to fix a broken authentication flow. The pull request summary claims the bug is fixed, but the validation workflow failed and uploaded diagnostic artifacts. The team wants to identify the root cause before asking Copilot to continue. Which four actions should you perform in order? 1. Compare the agent plan with the pull request diff 2. Mark the draft pull request ready for review 3. Open the failed workflow run and failed step logs 4. Download the diagnostics artifact from the run 5. Ask Copilot to retry with broader permissions 6. Inspect trace outputs for the failing authentication path
- A Copilot cloud agent created a draft pull request to fix a flaky checkout failure. The PR summary says the agent updated the retry logic and the validation workflow completed. A reviewer opens the workflow run logs and artifact summary before deciding whether the root cause was fixed. Which option best identifies the root cause evidence? Select one answer.
- A Copilot cloud agent created a draft pull request to fix incorrect tax rounding. The workflow completed, but a reviewer says the fix is wrong because the agent changed the rounding rule instead of preserving the contract requirement. Which root cause classification best fits the failure? Select one answer.
- A Copilot cloud agent is assigned an issue that includes a one-off production error, a temporary customer identifier, and a log excerpt that applies only to this incident. The team wants the agent to use that context for the current fix without making the customer identifier influence later work in the repository. Which memory strategy should you choose?
- A Copilot cloud agent is assigned to a GitHub issue that was created from a production exception. The repository has an MCP configuration that should allow the agent to read Sentry event details, but the agent session cannot start the Sentry MCP server. Which change should you make first? Select one answer.
- A Copilot cloud agent is working on a branch that changed the test harness. The team expected Copilot Memory to reuse a stored repository fact about database test setup, but the agent does not apply it. Which option best explains the behavior?
- A Copilot cloud agent repeatedly fails before it can analyze a repository that depends on private GitHub Packages. The session log shows package installation failures before any source-code reasoning or tool-selection decisions happen. Which option both fixes the setup and supports the correct root cause classification?
- A Copilot cloud agent task updates database migration code from an assigned issue. Copilot creates a draft pull request and the validation workflow fails on an integration test. The agent comments that the failure may require production-like database credentials. The repository requires CODEOWNERS review and passing required checks before merging. A developer wants to move the PR forward without losing the agent’s work. Which action should you take first? Select one answer.
- A Copilot coding agent creates a draft pull request that updates authentication middleware. The PR passes unit tests and linting. The diff changes token validation, session expiry, and an authorization helper used by admin routes. The team wants automation to keep running, but it must not let this type of change merge without a qualified reviewer. Which action should require human judgment?
- A Copilot coding agent frequently opens draft pull requests that fail validation for different reasons: missing dependencies, test failures, and permission errors. You need to improve the workflow so maintainers can diagnose failures without allowing broken agent output to merge. Which four actions should you perform in order? 1. Upload diagnostics only after the pull request is merged. 2. Capture command output into a diagnostics directory. 3. Add conditional artifact upload for failed validation. 4. Convert failed validations into successful neutral checks. 5. Preserve the failed required-check result after diagnostics upload. 6. Add targeted permission checks for reporting steps.
- A Copilot coding agent is assigned issues labelled agent-task. The team wants the PR evaluation workflow to measure whether the generated code satisfies the intended feature behaviour. The workflow should run on Copilot PR updates, execute behaviour-focused tests, and only write the evaluation summary when the behaviour checks have passed. Which option completes the workflow?
- A Copilot coding agent opened a draft pull request for an assigned issue. The team expects tests to run immediately, but the integration environment should request approval only after the PR is ready for review. The repository owner sees this workflow run. Which option best explains the behaviour? Select one answer.
- A Copilot coding agent opened a pull request that updates a test workflow. The team wants retry behaviour only around a flaky package download step, not around the full job. If all retry attempts fail, the workflow must still fail so the Copilot-generated PR is not treated as validated. Which option completes the workflow?
- A Copilot coding agent opens a draft pull request for an issue that requires preserving backward compatibility. The evaluation workflow completes and creates an evaluation summary. Which option best explains the evaluation result? Select one answer.
- A Copilot coding agent opens a draft pull request that changes a payment-retention policy and adds a script that can purge archived transactions. The workflow validates the script and posts a plan summary to the PR. A maintainer wants the agent to apply the purge automatically once the validation check passes. The compliance team requires explicit approval before any purge job can access production secrets. Which configuration best satisfies the requirement? Select one answer.
- A Copilot coding agent PR is paused after two review cycles. The team wants to resume the work safely. The new prompt must continue from the accepted design, avoid rejected steps, and preserve a reviewable trail of remaining work. Which four actions should you perform in order? 1. Ask Copilot to replace the full implementation from scratch 2. Summarize accepted decisions from the PR timeline 3. Identify rejected approaches and unresolved checks 4. Add a handoff note to the PR or issue 5. Prompt Copilot with the handoff and exact next task 6. Mark the draft PR ready before validation finishes
- A Copilot coding agent session created a draft pull request for issue #412. The PR timeline shows that Copilot already changed the retry policy after a reviewer rejected the first approach. A second developer wants Copilot to continue the work after a failed check. The developer is worried that a new prompt may repeat the rejected design and overwrite the accepted direction. Which action should the developer take first? Select one answer.
- A Copilot coding agent session was paused after creating a draft pull request. Since then, maintainers added review comments, the issue scope changed, and main received new commits. The team wants to resume the agent safely without losing continuity or continuing from stale assumptions. Which four actions should you perform in order? 1. Ask the agent to continue from its previous summary 2. Record refreshed assumptions and decisions in the issue or artifact 3. Start the next agent execution against the current branch state 4. Fetch the latest base branch and issue or PR state 5. Reuse the previous agent-context-latest artifact 6. Compare previous session notes against current source, comments, and checks
- A Copilot coding agent task created a draft pull request. A validation agent ran checks, but the documentation agent did not comment and the reviewer cannot tell whether the documentation step failed, skipped, or never started. Which four actions should you perform in order? 1. Open the pull request timeline and locate Copilot session events 2. Check workflow run logs for failed or skipped jobs 3. Merge the draft PR after the successful build job 4. Compare required checks against branch protection requirements 5. Review the agent session logs linked from Copilot activity 6. Delete the workflow so future runs do not stall
- A Copilot coding agent updates a workflow to retry a flaky integration smoke test. The repository uses the workflow as a required check before merging. Review the configuration. Evaluate the following statements. 1. The retry loop preserves a failed check after all attempts fail. 2. The job timeout bounds the retry path if the script hangs. 3. The workflow retries the entire job automatically after failure.
- A Copilot coding agent was assigned an issue to fix timeout handling in src/auth/oauth.ts. After several autonomous iterations, the maintainer reviews the session log before allowing the draft pull request to move forward. Which option best identifies and corrects the drift? Select one answer.
- A Copilot coding agent was assigned the issue “Enforce account-lockout after five failed sign-in attempts.” The PR workflow passed, but reviewers found that the code only added a warning message and did not enforce lockout. Which option best explains the evaluation gap? Select one answer.
- A Copilot-assisted change comes from a first-time external contributor’s fork. The team expects tests to run before reviewers decide whether the change is safe to merge, but the workflow is waiting. Which option best explains the behaviour? Select one answer.
- A Copilot-created draft pull request adds a workflow that comments on the PR when validation fails. The required check fails before the error summary is posted. Which option best explains the failure? Select one answer.
- A Copilot-created draft pull request failed review. The reviewer needs to classify the root cause accurately before tuning the agent prompt, modifying tool permissions, or changing the setup workflow. Which four actions should you perform in order? 1. Compare the final diff against the acceptance criteria 2. Change the custom agent prompt to be stricter 3. Review session logs for tools used and errors 4. Check setup and workflow logs for environment failures 5. Classify the failure before selecting a remediation 6. Enable all MCP tools and rerun immediately
- A Copilot-created draft pull request includes code changes and a new workflow named agent-observability. Reviewers expected an inspection artifact, but the required workflow failed. Which option best explains the failure? Select one answer.
- A Copilot-generated draft PR updates memory guidance after evaluation found stale package names in generated fixes. The repository requires the memory-eval check before merge, but the check remains pending. Which option best explains the behaviour? Select one answer.
- A Copilot-generated draft pull request adds a database migration that can permanently delete legacy audit rows. The team allows the migration plan to be generated automatically, but applying the migration to production must wait for explicit approval from the compliance environment reviewers. Which option completes the workflow?
- A Copilot-generated draft pull request ran a multi-agent validation workflow. Reviewers cannot find the final audit bundle, even though the planner and implementer artifacts were uploaded. Which option best explains why the final audit bundle is missing? Select one answer.
- A Copilot-generated draft pull request updates only the agent prompt and task contract for a refactor. Branch protection requires the validate-agent-contract / contract check before merge. The check remains pending. Which option best explains the behaviour? Select one answer.
- A Copilot-generated pull request adds a workflow that comments on pull requests when an agent boundary check fails. The run fails even though the validation script completes and detects the policy violation. Which option best explains the failure?
- A Copilot-generated pull request changes an Actions workflow to add retry handling. The workflow is a required check for main. The PR author says the retry worked because the job conclusion is success. Which option best explains the defect? Select one answer.
- A Copilot-generated pull request updates infrastructure code for a production network rule. The workflow should require a human approval before applying the change. The apply job did not start, and the developer wants to know why. Which option best explains the workflow state? Select one answer.
- A custom agent is configured with a local MCP server so Copilot can query internal API contract metadata before editing generated client code. When the issue is assigned to Copilot, the session starts, but the agent cannot list the MCP tools. Which option best explains the log output? Select one answer.
- A custom Copilot cloud agent is intended to diagnose production errors using Sentry context. The agent can read and edit repository files, but it fails when it tries to retrieve the Sentry event referenced in the issue. Evaluate the following statements. 1. The Sentry server is configured, but its tool is unavailable to the custom agent. 2. The best root cause is a reasoning error rather than a tool-permission issue. 3. The guessed fix should be treated as lower confidence because required external context was unavailable.
- A developer adds the following MCP configuration to an IDE so Copilot Chat can use the hosted GitHub MCP server in agent mode. The team also wants Copilot Spaces tools available, without losing the default GitHub MCP tools. Evaluate the following statements. 1. The configuration targets the hosted GitHub remote MCP endpoint. 2. The configuration keeps default tools while adding Spaces tools. 3. The configuration authenticates with a PAT inside the JSON.
- A developer asks Copilot CLI to add retry handling to a flaky deployment helper script. The script is used by a GitHub Actions job that must fail when deployment cannot be verified. Copilot proposes the following change. What should you change before accepting the proposed script? Select one answer.
- A developer asks Copilot CLI to assemble an audit package for a failed multi-agent run. The terminal session is started outside the repository, and the prompt asks Copilot to summarize downloaded artifacts and comment on the draft pull request. Which change should you make first? Select one answer.
- A developer asks Copilot CLI to generate a local repair script for a failing integration test. The script will be used before assigning the issue to Copilot coding agent again. Which change should you make first? Select one answer.
- A developer asks Copilot CLI to repair a failing release pipeline. Copilot proposes a command sequence that uses a broad token already exported in the terminal session. Which option is the best guardrail response?
- A developer assigns a GitHub issue to Copilot cloud agent. Copilot opens a draft pull request, pushes several commits, and later a reviewer leaves a new requirement as a comment on the original issue instead of the pull request. Evaluate the following statements. 1. The pull request timeline and session logs can help trace what Copilot did. 2. New information added to the original issue after assignment is automatically included in Copilot’s active task context. 3. Audit log agent fields can help identify the agent session and initiating user.
- A developer configures the GitHub remote MCP server because they want Copilot Chat to create issues, list pull requests, and retrieve Copilot Space context from the IDE. The connection succeeds, but the GitHub issue and pull request tools do not appear. Which option best explains the log output? Select one answer.
- A developer has been using Copilot CLI for a long local refactor. The original task was to replace a deprecated billing helper only in src/billing/legacy.ts. After several prompts, the developer wants to check whether the current working tree has drifted before asking Copilot to continue. Which change should the developer make first? Select one answer.
- A developer is preparing to use GitHub Copilot CLI for a repository migration. The team requires Copilot to produce an implementation plan first, and the developer must not let the CLI modify files until the plan is reviewed. Which option best explains why this prompt supports the required boundary? Select one answer.
- A developer is responding to a degraded multi-agent release. Copilot cloud agent created a draft PR, the validation agent flagged a failing canary check, and the developer wants Copilot CLI to inspect the local rollback plan before asking a human reviewer to approve recovery. Which action should the developer take first? Select one answer.
- A developer is testing a repository-level custom agent named workflow-pr-agent. The agent profile limits the agent to read, search, edit, and github/*. During troubleshooting, the developer instead starts the default Copilot CLI session and adds a broad external MCP server. Which change should you make first? Select one answer.
- A developer is using Copilot CLI from a repository directory and selects a custom triage agent. They want the agent session to read GitHub issues and pull requests through MCP. Which review comment is most accurate? Select one answer.
- A developer is using Copilot CLI while working in a repository. The issue includes a generated implementation plan, but no maintainer has approved it yet. The repository team requires the plan to be reviewed before any commands modify files, create commits, or prepare pull requests. What should the developer do first? Select one answer.
- A developer is using GitHub Copilot CLI and tries to manually add the GitHub MCP server so Copilot can inspect issues and pull requests from the terminal. What should you tell the developer? Select one answer.
- A developer reports that an approved Jira MCP server is blocked in Copilot Chat. The organization policy is set to Registry only. You review the MCP startup output and registry metadata. Which option best explains the failure?
- A developer resumes an agent-assisted fix from yesterday. The previous Copilot CLI session produced a local summary, but the issue has new maintainer comments and the base branch has moved. The developer is still on yesterday’s local branch. What should the developer do first? Select one answer.
- A developer starts a Copilot CLI session for a repository cleanup task. Copilot may read files, search the codebase, edit local files, and run Git inspection commands, but it must not fetch external URLs or push commits. Which option best describes this permission configuration? Select one answer.
- A developer starts Copilot CLI while investigating a failing payment issue. The issue includes temporary payload values copied from a customer support case. Which review comment is most accurate?
- A developer tries to add a local database MCP server in Copilot CLI. The organization has enabled MCP and set Restrict MCP access to registry servers to Registry only. Which action should the organization administrator take?
- A developer uses Copilot CLI in a repository that has organization-approved hooks. Copilot proposes a command that would modify production infrastructure while fixing a deployment issue. The session stops before the command runs. Which option best explains the behaviour? Select one answer.
- A developer uses Copilot CLI to diagnose failing integration tests. The tests require local environment variables, and the developer wants to share a Markdown session summary with another maintainer without exposing sensitive values. Which change best handles the environment-specific constraint?
- A developer uses Copilot CLI to investigate a failing release workflow. Copilot identifies a missing environment variable and suggests a fix. The developer wants to preserve the decision and next action in the pull request instead of leaving it only in terminal output. Which option best describes the value of the final command?
- A developer wants Copilot CLI to create an implementation plan for a failing checkout workflow. The prompt includes the intended input issue, expected changed files, and success criteria. Review the terminal session. Which change should the developer make first? Select one answer.
- A developer wants Copilot CLI to fix failing tests and update a workflow. The repository is cloned at ~/work/acme-api, but the developer starts the session from a shared downloads folder that contains old ZIP files, credentials exports, and unrelated scripts. Which action should the developer take first? Select one answer.
- A developer wants Copilot CLI to help fix a failing integration test. They launch the CLI from their home directory because it is convenient. Which option best identifies the anti-pattern?
- A developer wants Copilot CLI to help prepare a change locally, create a branch, and open a pull request with GitHub CLI. The terminal is currently in a cloned repository, but the working tree already contains uncommitted edits from another task. What should the developer do first? Select one answer.
- A developer wants Copilot CLI to inspect failing tests and suggest a workflow fix. The repository is in ~/work/payment-api, but the developer starts the CLI from the home directory. What should the developer change first to apply an appropriate guardrail?
- A developer wants GitHub Copilot CLI to fix failing tests and leave reviewable files that a pull request workflow can upload as artifacts. They start the session from a generic downloads folder instead of the repository. Which change should you make first? Select one answer.
- A developer wants GitHub Copilot CLI to remember billing-specific conventions, but they add the guidance as a root-level instruction file. The same repository also contains mobile, infrastructure, and analytics code. Which change best scopes the agent memory to the relevant task area? Select one answer.
- A developer wants to use Copilot CLI to inspect failing tests for the orders-api repository only. Several repositories are checked out under ~/work, and the terminal is currently at the parent directory. Which change should the developer make first? Select one answer.
- A developer wants to use GitHub Copilot CLI to prepare an implementation plan for an issue before allowing any file modifications. The developer starts this session: Which change should the developer make first? Select one answer.
- A governance team is defining autonomy levels for Copilot cloud agent. Match each proposed agent action to the most appropriate intervention level. Which mapping is correct?
- A maintainer is reconstructing a failed multi-agent run. The run used separate triage, implementation, validation, and review stages. The maintainer has logs, artifacts, and operational signals from the pull request. Match each evidence source to the strongest post-hoc analysis use. Which mapping is correct?
- A maintainer is reviewing evidence from a long Copilot coding-agent task. Match each signal to the best interpretation. Which mapping is correct?
- A maintainer is reviewing two local branches created from separate Copilot-assisted tasks. Before asking either agent to continue, the maintainer wants to identify whether both branches changed the same files and whether the outputs conflict. Which action should the maintainer take next? Select one answer.
- A maintainer is triaging signals from several Copilot coding agent tasks. Match each coordination signal to the most appropriate response. Which mapping is correct?
- A maintainer reviews multiple multi-agent pull requests. Match each signal to the most accurate execution state. Which mapping is correct?
- A maintainer wants to manually invoke the repository’s agent workflow from the terminal. The workflow file exists on main, but the maintainer tests this command from a feature branch that also modifies .github/workflows/invoke-agent.yml. Which change should the maintainer make before using this as the standard invocation pattern? Select one answer.
- A multi-agent release workflow failed after Copilot cloud agent pushed a remediation branch and a validation agent reported degraded canary metrics. The team expected the recovery workflow to open an incident and wait for a human-triggered rollback. Which option best explains why the rollback did not execute? Select one answer.
- A multi-agent remediation run produced a draft pull request that failed validation. The team needs to perform post-hoc analysis before deciding whether to resume the implementation agent, change the triage scope, or close the pull request. Evidence is available in the workflow logs, run-specific artifacts, pull request timeline, and check results. Which four actions should you perform in order? 1. Decide the next agent action based on correlated evidence 2. Compare the triage scope to implementation diff and validation failures 3. Download the run-specific triage, implementation, and validation artifacts 4. Rerun the implementation agent using the previous prompt unchanged 5. Open the workflow run logs and identify failed or skipped jobs 6. Mark the draft pull request ready for review before analysis
- A multi-agent repository retired legacy-review-agent and introduced secure-review-agent. A pull request opened after the retirement still shows a required check named legacy-review-agent / review-gate stuck in pending. The team checks the workflow and branch protection evidence. Which option best identifies the root cause? Select one answer.
- A multi-agent workflow runs three jobs: Copilot-generated code validation, documentation validation, and an evaluation summary. The team wants the summary job to identify partial completion when one validation path fails. Evaluate the following statements. 1. The summary job can still run when code-agent-validation fails. 2. The summary job can read both upstream job results through the needs context. 3. The workflow proves that the Copilot-generated code is ready to merge.
- A payments team wants Copilot cloud agent to handle low-risk dependency cleanup faster. The repository has required reviews, required status checks, secret scanning, and branch protection on main. The proposed policy lets Copilot research issues, create a branch, commit changes, and open a draft pull request. The policy does not allow Copilot to approve, mark ready, or merge its own pull request. Security wants delivery speed improved without removing accountability. Which autonomy level best fits this policy?
- A platform team is building a failure taxonomy for Copilot agent evaluations. Match each failure signal to the most appropriate root cause category. Which mapping is correct?
- A platform team is creating a retirement checklist for custom agents used in a multi-agent workflow. Match each retirement action to its best purpose. Which mapping is correct?
- A platform team is defining autonomy levels for Copilot cloud agent in a regulated payments repository. Low-risk actions may run automatically if they only inspect code and produce comments. Medium-risk actions may create draft pull requests but must wait for reviewer inspection before workflow approval. High-risk actions include secret access, production deployment changes, and compliance-impacting payment logic. A proposed policy allows Copilot-created draft pull requests that modify PCI-scoped payment validation to run workflows with secrets automatically. Which change should the team make first? Select one answer.
- A platform team is designing multi-agent workflows for Copilot cloud agent and custom agents. Each workflow must avoid duplicate work, preserve reviewability, and keep specialist agents scoped to the right task. Match each orchestration pattern to the correct use case. Which mapping is correct?
- A platform team is introducing Copilot cloud agent for production-adjacent repositories. They need an operating process that preserves traceability, avoids unreviewed execution paths, and gives reviewers enough evidence before a Copilot-created pull request is marked ready. Which four actions should you perform in order? 1. Require reviewers to inspect the session log and PR diff 2. Enable automatic workflow execution for every Copilot PR 3. Start work from an issue or tracked agent session 4. Correlate commits with audit and session identifiers 5. Merge after Copilot opens the draft pull request 6. Approve workflow runs only after reviewing changes
- A platform team is introducing Copilot cloud agent into an existing SDLC. They want to avoid common anti-patterns such as vague tasks, unreviewed draft pull requests, validation gaps, and agent changes that bypass repository ownership controls. Which four actions should you perform in order? 1. Assign the issue to Copilot with repository-specific context 2. Merge after Copilot reports the task is finished 3. Define the issue task, scope, expected output, and acceptance checks 4. Review the generated draft pull request and diff 5. Add or verify required checks and owner review controls 6. Disable path filters so every workflow always runs
- A platform team is reviewing isolation controls for four parallel agent tasks. Match each isolation control to the risk it most directly reduces. Which mapping is correct?
- A platform team wants Copilot CLI sessions to display policy guidance, log prompts for audit review, and block risky commands with a clear escalation reason. A reviewer checks the repository-scoped hook configuration and policy script.
- A platform team wants every agent validation workflow to leave a durable Markdown summary on the workflow run page and upload the detailed decision log as a retained artifact. The workflow should run for pull requests into main. Which option completes the workflow?
- A platform team wants to introduce Copilot cloud agent for medium-risk service maintenance. They need a practical rollout sequence that assigns autonomy gradually, verifies guardrails, and keeps ownership clear for audit and review. Which four actions should you perform in order? 1. Enable issue assignment for selected low-risk repositories. 2. Define task labels, allowed repositories, and prohibited change types. 3. Require checks, reviews, and CODEOWNERS on protected branches. 4. Allow Copilot to merge after its own checks pass. 5. Review initial draft PRs and tune instructions or constraints. 6. Disable the agent firewall for all repositories.
- A platform team wants to revise its Copilot PR governance model. The current model requires manual approval for every agent-created PR, including typo fixes and test-only updates. The team wants to keep high-risk changes accountable without slowing low-risk work. Which four actions should you perform in order? 1. Identify file paths and change types that materially increase risk 2. Remove all human review from Copilot-created pull requests 3. Map high-risk paths to owners or required reviewers 4. Keep automated checks required for low-risk pull requests 5. Require manual approval for every dependency update 6. Monitor blocked PRs and tune the risk rules over time
- A production canary is degraded after a Copilot-generated remediation PR was merged. A release-validation agent detected the regression, and another agent has already opened an incident with the failed workflow run attached. You need to recover service safely before allowing more agent-driven promotion. Which four actions should you perform in order? 1. Ask Copilot to refactor the recovery workflow 2. Cancel the in-progress promotion workflow 3. Rerun all failed agent jobs with debug logging 4. Identify the last successful production deployment SHA 5. Trigger the rollback workflow with that SHA 6. Require human approval before reopening promotion
- A release lead wants to coordinate three specialist agents: one to inspect API compatibility, one to review migrations, and one to summarize release risk. The release lead starts from a trusted repository directory and uses GitHub CLI comments to preserve the handoff. Which option best describes the orchestration pattern?
- A repository adds this workflow to validate whether Copilot-created pull requests include a structured plan file. Evaluate the following statements. 1. The workflow can validate that a Copilot PR includes a structured plan file. 2. The workflow prevents Copilot from modifying files before writing the plan. 3. Non-Copilot pull requests skip this job because of the actor condition.
- A repository admin adds a setup workflow for Copilot coding agent, but the agent still reports that the project dependencies were not installed before task execution. Review the setup run output. Which option best explains the failure? Select one answer.
- A repository administrator adds this MCP configuration in the repository settings for Copilot cloud agent. The goal is to let Copilot use two read-only Notion tools during assigned issue work. Evaluate the following statements. 1. The configuration uses the correct top-level object for repository MCP configuration. 2. The token will be available if it is saved only as an Agents secret named NOTION_TOKEN. 3. After the configuration is saved, Copilot can use the enabled MCP tools without asking for approval each time.
- A repository administrator configures review controls for Copilot-created pull requests. The organization wants low-risk documentation changes to be lightweight, but changes to authentication, deployment, or compliance-scoped code must require human review and passing checks before merge. Evaluate the following statements. 1. The policy treats secret-backed workflow execution as requiring human intervention. 2. High-risk paths are allowed to bypass pull request review when tests pass. 3. The configuration separates lightweight documentation changes from higher-risk code paths.
- A repository administrator customizes MCP access for Copilot cloud agent. They want broader GitHub access than the default current-repository token provides, but they also want to limit which GitHub MCP tools the agent can use. Evaluate the following statements. 1. The configuration uses a remote HTTP MCP server entry. 2. A remote OAuth-only MCP server is supported for Copilot cloud agent. 3. The token reference uses the required COPILOT_MCP_ secret prefix.
- A repository administrator is configuring Copilot cloud agent setup steps for a Node.js repository. The setup must install private packages from GitHub Packages before Copilot starts work, but the workflow should not grant pull request write access or use the wrong setup job name. Which option completes the workflow?
- A repository administrator is reviewing four proposed custom agent tool configurations. Match each configuration pattern to the correct meaning. Which mapping is correct?
- A repository allows Copilot coding agent to open draft pull requests for issue assignments. The team wants a validation workflow that captures failure evidence when tests fail, uploads diagnostic artifacts, and still fails the required check so maintainers cannot merge broken agent output. Which option completes the workflow?
- A repository allows Copilot coding agent to work from assigned issues and open draft pull requests. The team wants a validation workflow that runs whenever the agent-created pull request is opened, updated, or marked ready for review. The workflow should validate the pull request without granting unnecessary write permissions. Which option completes the workflow?
- A repository already has planner and test agents in .github/workflows/multi-agent-pr.yml. A developer wants Copilot CLI to help add a documentation-review agent while keeping the change reviewable and limited to the repository. Which change should the developer make first? Select one answer.
- A repository configures an agent workflow to run when maintainers label an issue as agent-ready. Evaluate the following statements. 1. The job can run when an issue is labeled agent-ready. 2. Repository secrets are available to the script without explicit references. 3. The workflow can create a branch and draft PR, but not edit issue labels.
- A repository contains billing, mobile, and infrastructure code. The team wants general build guidance available across the repository, but payment-card guidance should apply only when Copilot works on PCI-related billing files. Evaluate the following statements. 1. The applyTo field scopes the PCI guidance to matching files. 2. Moving PCI guidance into copilot-instructions.md would make it narrower. 3. Content exclusion is a separate control for files Copilot should not use as context.
- A repository has a validation workflow for Copilot-generated pull requests. The team wants failures to be diagnosable from the workflow logs and artifacts without rerunning the agent blindly. A reviewer checks the workflow configuration.
- A repository has a workflow that should stop agent execution unless the linked issue has the agent-approved label. A maintainer says the agent did not start even though the workflow was triggered manually. You inspect the latest workflow run. Which option best explains the behaviour? Select one answer.
- A repository has multiple Copilot coding agent assignments open at the same time. The team wants a pull request workflow that detects overlapping file ownership, uploads a coordination report when the check fails, and keeps the pull request blocked until maintainers resolve the conflict. Which option completes the workflow?
- A repository is retiring a custom agent named legacy-workflow-fix-agent. The team wants the agent profile to remain in the repository for audit history, but it must not be manually selected by users and must not be automatically selected by Copilot model inference. The replacement agent is documented in the profile body. Which option completes the retired profile?
- A repository needs a Copilot custom agent that can inspect repository files, search the codebase, edit proposed fixes, and use the built-in GitHub MCP tools for issue and pull request context. The agent must be available on GitHub.com for Copilot cloud agent tasks, but it should not be automatically selected by model inference because the team wants users to choose it deliberately for workflow-debugging issues. Which option completes the agent profile?
- A repository owner adds a CODEOWNERS file and a workflow that classifies Copilot-created pull requests by changed paths. The goal is to require human review for sensitive files while allowing low-risk changes to proceed with required checks. Evaluate the following statements. 1. CODEOWNERS can route sensitive path changes to accountable reviewers. 2. Required checks can preserve low-risk velocity without removing validation. 3. This configuration guarantees no low-risk PR ever needs review.
- A repository owner configures guardrails for Copilot-generated pull requests. The goal is to let low-risk validation run automatically while requiring human review for changes that affect protected application areas. Evaluate the following statements. 1. Automated tests can run before a human approval decision. 2. Code owner review helps identify changes requiring domain judgment. 3. Passing tests means the Copilot PR no longer needs review.
- A repository owner is adding new agents to an existing workflow and needs to map each lifecycle decision to the correct GitHub mechanism. Match each item to the correct meaning. Which mapping is correct?
- A repository owner proposes this autonomy policy for Copilot cloud agent on a regulated service. Evaluate the following statements. 1. The policy allows meaningful agent autonomy without allowing self-merge. 2. Required reviews and checks provide accountability before changes reach main. 3. Passing the agent’s draft PR checks means Responsible AI review is no longer needed.
- A repository owner wants a workflow that detects overlapping file changes between Copilot-created pull requests before they enter review. The workflow should run on pull requests to main, read repository and pull request metadata, and upload a conflict report for maintainers. Which option completes the workflow?
- A repository owner wants agent-assisted changes to remain scoped to octo-org/customer-api. The team uses an issue template for Copilot tasks and a validation workflow that fails if the workflow is run from another repository. Evaluate the following statements. 1. The issue template helps make the intended repository explicit. 2. The workflow prevents validation from succeeding in a copied repository. 3. The template alone prevents Copilot from reading any other repository.
- A repository owner wants an agent to run only when a maintainer manually starts a GitHub Actions workflow. The workflow must accept an issue number, read issue context, create a branch with proposed changes, and open a draft pull request. Which option completes the workflow?
- A repository owner wants Copilot coding agent to propose changes to regulated deployment policy files, but not allow those changes to be applied without human approval and a traceable review path. Which four actions should you perform in order? 1. Add a protected environment for regulated deployment application 2. Require reviewer approval or deployment protection on that environment 3. Let the agent apply the policy after validation succeeds 4. Route the apply job through the protected environment 5. Record approval evidence in the pull request or deployment timeline 6. Grant broad write permissions to simplify the workflow
- A repository owner wants Copilot to work on selected issues, but only after the task is framed so the first output is a structured plan. The plan must be reviewable before implementation and must be validated when a Copilot PR is opened. Which four actions should you perform in order? 1. Add issue template guidance requiring the plan schema 2. Assign the issue to Copilot after guardrails are committed 3. Define required plan fields and execution boundary 4. Enable Copilot review only after the PR opens 5. Add a required workflow that validates the plan artifact 6. Ask Copilot to infer the plan format from repository history
- A repository owner wants three agents to work in parallel on separate services without overwriting each other’s changes or producing mixed validation evidence. The agents will use separate issues and draft pull requests. Which four actions should you perform in order? 1. Configure validation artifacts with scoped names and paths 2. Merge the first draft PR before checks complete 3. Assign all service tasks to a single shared branch 4. Create one issue per isolated service task 5. Scope workflow concurrency by pull request or branch 6. Ensure each agent works on its own branch or draft PR
- A repository owner wants to adopt Copilot coding agent for dependency remediation. The owner creates one issue labeled agent-plan to request an impact analysis and a separate issue labeled agent-execute for approved implementation work. Branch protection requires status checks before merge. Evaluate the following statements. 1. A planning issue can describe constraints without authorizing code changes. 2. A Copilot-created draft pull request removes the need for human review. 3. Separate labels can help route planning and execution workflows differently.
- A repository owner wants to coordinate multiple agents for dependency upgrade pull requests. One agent should plan the upgrade, two specialist agents should independently review test and security impact, and a final gate should summarize the results before human review. Which four actions should you perform in order? 1. Merge the pull request when the first specialist agent succeeds 2. Define the planner output, specialist inputs, and final gate criteria 3. Run test-impact and security-impact checks as independent specialist paths 4. Let each agent rewrite the same summary comment concurrently 5. Generate the upgrade plan and attach it to the issue or draft PR 6. Aggregate specialist findings into a final review summary
- A repository owner wants to let Copilot and automation help with deployment preparation without allowing agent-generated changes to deploy production code without human approval. The design must keep build permissions narrow, protect production secrets, and require review before deployment. Which four actions should you perform in order? 1. Configure the production environment with required reviewers 2. Grant contents: write to every job for consistency 3. Set workflow-level permissions to contents: read by default 4. Reference the production environment only in the deploy job 5. Run deployment immediately after Copilot opens a draft PR 6. Grant deployment-specific permissions only in the deploy job
- A repository owner wants to mitigate the anti-pattern of allowing agent-generated pull requests to bypass the same validation path as human-authored pull requests. The workflow should run automatically for pull requests into main, use the minimum permissions needed to read repository contents, and execute the validation script. Which option completes the workflow?
- A repository requires every Copilot-generated pull request to include an agent-plan.json file before reviewers evaluate implementation changes. The file must contain the fields goal, scope, files_to_change, tests, and risks. The workflow should run on pull request activity and validate the plan without granting write permissions. Which option completes the workflow?
- A repository retires legacy-release-agent and replaces it with release-coordinator-agent. The team wants to preserve auditability for historical runs while ensuring new release workflow requests use the replacement path. A reviewer checks the retired profile and the replacement workflow.
- A repository team reviews evaluation findings from Copilot cloud agent and Copilot code review. Match each evaluation finding to the best tuning response. Which mapping is correct?
- A repository team uses separate agent-assisted stages for triage, implementation, validation, and release review. After a failed release candidate, the team reviews the workflow logs and artifacts to determine where the multi-agent handoff broke. Which option best explains the failure path? Select one answer.
- A repository team wants Copilot cloud agent to help remediate failing integration tests. The team does not want the agent to start code changes until a human has reviewed the proposed plan. The repository already uses issues, pull requests, branch protection, and required checks. Which four actions should you perform in order? 1. Ask Copilot to produce a structured remediation plan 2. Assign the issue to Copilot immediately 3. Review the proposed plan against repository constraints 4. Start the agent task only after approval is recorded 5. Merge the resulting draft pull request 6. Record approval after human review
- A repository team wants Copilot cloud agent to remember stable build rules, apply frontend-specific guidance only to React files, and fetch live feature-flag state from an internal service when needed. Evaluate the following statements. 1. Stable build rules fit repository custom instructions better than short-term prompt context. 2. The React guidance is path-specific context for matching files, not global memory for every file. 3. Live feature-flag state should be copied into custom instructions so the agent can fetch it automatically.
- A repository team wants Copilot coding agent to work on low-risk implementation issues. The team wants visible progress in GitHub Issues and reviewable changes in pull requests. The main branch requires status checks, CODEOWNERS review, and one approving review. A developer suggests allowing Copilot-created pull requests to merge after the test job passes. Which option best implements controlled autonomy?
- A repository team wants every Copilot-generated pull request to prove that the agent task contract was present before review. The contract file must define the agent inputs, expected outputs, and success criteria. The workflow must run automatically for pull requests into main and publish a small evidence artifact for reviewers. Which option completes the workflow?
- A repository uses a custom instruction file to guide Copilot coding agent. The team wants tasks to include expected outcomes, validation commands, and operational constraints that reviewers can use during PR evaluation. Evaluate the following statements. 1. The instructions define reviewable signals beyond “Copilot created a PR.” 2. The package-scope rule is an operational constraint for the agent task. 3. Passing npm test alone proves all issue acceptance criteria are met.
- A repository uses a fan-out/fan-in orchestration pattern for agent-generated pull requests. Separate jobs validate security, tests, and documentation. A final gate should run only after all three specialist validation jobs complete. Which option completes the workflow?
- A repository uses a multi-agent workflow. Copilot coding agent creates a draft pull request, a workflow agent runs validation, and a release-notes agent comments only after validation succeeds. A maintainer sees no release-notes comment and checks the workflow logs. Which option best describes the execution state?
- A repository uses an agent workflow with two jobs. The first job reads issue context and produces a compact JSON state file that includes the issue number, selected files, test command, and risk notes. The second job must receive the state path through a job output and then use the uploaded state artifact during execution. Which option completes the workflow?
- A repository uses Copilot cloud agent to create draft pull requests from assigned issues. The team wants an escalation workflow that runs when the validation workflow completes, opens an issue only when the validation workflow fails, and gives the workflow enough permission to create the escalation issue using GitHub CLI. Which option completes the workflow?
- A repository uses Copilot cloud agent to prepare remediation pull requests and a separate release-validation workflow to verify production readiness. When validation detects degraded behavior after a multi-agent change, rollback must be triggered manually and held by a protected production rollback environment before execution. Which option completes the workflow?
- A repository uses Copilot coding agent for a Node.js service that requires private package dependencies. The team creates .github/workflows/copilot-setup-steps.yml so Copilot can prepare the environment before it starts work. The setup file must be testable when changed, must use the job name Copilot expects, and must keep repository permissions minimal. Which option completes the workflow?
- A repository uses Copilot coding agent for dependency updates. Low-risk patch updates must move quickly when tests, code scanning, and required checks pass. Changes touching authentication, payment processing, or deployment workflows must still require human review. The current process requires two maintainer approvals for every Copilot-created draft pull request, including documentation-only and patch-version dependency updates. Which change best preserves velocity without removing meaningful risk controls? Select one answer.
- A repository uses Copilot coding agent for implementation tasks. The team adds a workflow to evaluate whether agent PRs meet the issue intent before reviewers mark draft pull requests ready. Evaluate the following statements. 1. The acceptance-test job is a stronger intent signal than PR creation. 2. The summary job is independent of the behaviour and scanning jobs. 3. Code scanning can contribute to evaluating security-related development intent.
- A repository uses Copilot coding agent for issue remediation. The team wants each agent-created pull request to collect measurable test results, capture reviewer-facing evaluation notes, and publish both as a workflow artifact. Which option completes the workflow?
- A repository uses Copilot coding agent to work on a Python API that requires PostgreSQL during local validation. The team adds a setup workflow so Copilot can install dependencies and run a smoke test before it starts work. Evaluate the following statements. 1. The job name allows Copilot to use the setup steps. 2. The PostgreSQL service helps reproduce a project-specific environment dependency. 3. Changing runs-on to macos-latest would be supported for Copilot cloud agent setup.
- A repository uses Copilot to prepare pull requests that may update application code. The validation workflow should run on pull requests into main, read repository contents, and comment only when the guardrail script detects a policy violation. The job should not receive repository write permissions beyond pull request comments. Which option completes the workflow?
- A repository uses GitHub Copilot coding agent to implement issue assignments. The team wants every Copilot-created pull request to publish an inspection bundle containing the agent plan, test output, and diff summary as a GitHub Actions artifact. Which option completes the workflow?
- A repository uses GitHub Copilot coding agent to open draft pull requests from assigned issues. The team wants fast automated validation on every Copilot PR, but only deployment to the shared integration environment should pause for human approval. The environment named agent-integration already has required reviewers configured. Which option completes the workflow?
- A repository uses issue labels to separate planning tasks from implementation tasks. Planning issues use the label agent-plan, while implementation issues use agent-execute. The team wants a lightweight workflow that validates planning issues without granting write permissions or creating pull requests. Which option completes the workflow?
- A repository uses repository custom instructions to reduce drift during long Copilot sessions. The team also requires a PR checklist that records the original issue, accepted scope, changed files, and validation commands. Evaluate the following statements. 1. The instructions help preserve task state across a longer agent session. 2. The checklist can help reviewers detect drift before merge. 3. The instructions guarantee Copilot cannot modify unrelated files.
- A repository uses the following workflow for Copilot-generated pull requests. The team wants all agent PRs to receive automated feedback quickly, but a human should approve only the integration job that uses the protected agent-integration environment. Evaluate the following statements. 1. The validate job can run without waiting for the environment reviewer. 2. The integration job requests human approval only after validate succeeds and the PR is not draft. 3. The pull-requests: read permission lets the workflow approve the protected environment automatically.
- A repository uses this workflow to pass planning state from a first job to a second job. The team wants the second job to receive a short state summary and a file artifact without writing any repository changes. Evaluate the following statements. 1. The second job can read state_summary through the needs context. 2. The uploaded state.json file is available because the artifact is downloaded. 3. The workflow grants permissions for the agent to push repository changes.
- A repository uses three agent jobs: planner, implementer, and reviewer. The team wants a final audit job to run after all three jobs, collect the audit files, and publish a retained artifact that reviewers can download from the workflow run. Which option completes the workflow?
- A repository uses three coordinated stages: issue triage, implementation, and validation. The team wants enough evidence to reconstruct what happened after a failed run. Review the workflow configuration.
- A repository uses three Copilot custom agents in a multi-agent workflow: triage-agent, workflow-fix-agent, and release-note-agent. The workflow-fix-agent is being retired because its responsibilities have moved to a newer ci-remediation-agent. The team must stop new use of the retired agent, preserve historical audit evidence, and avoid breaking issue templates and workflow documentation that still reference the old agent name. Which four actions should you perform in order? 1. Delete all old draft pull requests created by the retired agent 2. Add a deprecation notice to the retired agent profile 3. Update routing docs and issue templates to the replacement agent 4. Disable manual and model invocation for the retired agent 5. Remove workflow logs and artifacts to reduce confusion 6. Verify existing PRs, issues, and artifacts remain traceable
- A required workflow is supposed to capture an agent’s task progress and decision log. Reviewers say the workflow passed, but no downloadable decision log appears on the run summary page. Which option best explains the missing durable artifact?
- A reviewer asks Copilot to continue a draft PR after an interrupted refactor. The follow-up prompt says, “continue the prior work.” The next commit restores an approach that was rejected in review. Review the available session and PR evidence. Which option best explains what went wrong? Select one answer.
- A reviewer is checking whether an agent has enough context to work safely without being given unnecessary access. Match each execution-context signal to the best review decision. Which mapping is correct?
- A reviewer is investigating why a Copilot-created draft pull request failed after the agent claimed it fixed an API client generation bug. The workflow uploaded an artifact named agent-root-cause-evidence. The reviewer wants to inspect the failed run, download the artifact, and compare the agent plan with the generated output before asking Copilot for another iteration. Which conclusion is best supported by this command sequence? Select one answer.
- A security engineering team is rolling out Copilot cloud agent across several repositories. They need a repeatable process for deciding when the agent can act autonomously, when it can only prepare a draft pull request, and when a human must approve privileged execution. Which four actions should you perform in order? 1. Map repository paths to operational, security, and compliance impact 2. Enable automatic workflow execution for every Copilot PR 3. Define allowed actions for each autonomy level 4. Attach human approval gates to high-risk transitions 5. Validate the policy with sample Copilot-created PRs 6. Remove required checks for low-risk documentation updates
- A security lead is defining autonomy levels for GitHub Copilot use across several repositories. Match each autonomy level to the most appropriate guardrail. Which mapping is correct?
- A security reviewer is investigating a Copilot-created pull request that modified payment validation code. The reviewer needs to prove which agent session produced the changes and who initiated the work. Which option best explains the traceability evidence? Select one answer.
- A team added a new dependency-review agent to an existing multi-agent pull request workflow. The pull request now shows the required check dependency-review-agent / scan as pending, but no run appears for the new agent. Which option best explains the pending check? Select one answer.
- A team added a workflow to route Copilot-created pull requests through human approval only when high-risk paths changed. A documentation-only pull request is blocked by a pending required check named risk-approval. Which option best explains the problem? Select one answer.
- A team adds a coordination workflow after several Copilot coding agent pull requests changed the same deployment files. The team wants to detect conflicts, publish evidence, and block merge when degraded coordination is detected. Evaluate the following statements. 1. The concurrency group prevents duplicate coordination runs for the same pull request. 2. The concurrency group coordinates conflicts across different pull requests. 3. The artifact step can preserve evidence after a failed overlap check.
- A team adds a Copilot-assisted documentation agent to an existing workflow that already includes planner, build, and test agents. The new agent should run on pull requests after tests, leave review findings on the PR, and become a required check after it has been validated in the repository. Evaluate the following statements. 1. A new agent job can use needs to run after the test agent. 2. Making the new check required before it has a successful run can leave pull requests blocked. 3. A Copilot-created draft pull request should be treated as ready to merge when the new agent passes.
- A team adds a lightweight CODEOWNERS rule and a conflict-detection workflow for Copilot-created pull requests. The goal is to identify overlapping changes in shared modules and require the platform team to review shared infrastructure updates. Evaluate the following statements. 1. CODEOWNERS can help route shared-file changes to the platform team. 2. The artifact can preserve overlap evidence for pull request review. 3. The workflow automatically prevents two agents from editing the same file.
- A team adds a manual workflow so reviewers can record the intended contract for an agent task before assigning the issue to Copilot. The team expects this workflow to make the input issue, expected output, and success criteria explicit. Evaluate the following statements. 1. The workflow requires reviewers to provide task contract fields when manually started. 2. The workflow automatically validates Copilot draft pull requests targeting main. 3. The workflow records criteria but does not prove the agent met them.
- A team adds a reusable validation workflow for Copilot-generated pull requests. The workflow should upload logs on failure, avoid publishing secrets, and keep the required check failed when validation fails. Evaluate the following statements. 1. The workflow uploads diagnostics when validation fails. 2. Printing the environment is safe because secrets are masked. 3. The final step helps preserve a failed required check.
- A team adds an evaluation workflow for agent-generated pull requests. The workflow should preserve enough evidence for error analysis even when the agent passes some checks but fails others. Evaluate the following statements. 1. checks.json provides quantitative workflow status evidence. 2. review-signals.json alone proves the task is successful. 3. if: always() helps retain evidence after failed steps.
- A team adds repository instructions for autonomous coding tasks and a pull request workflow that uploads agent evidence. The branch rule requires the check agent-observability / inspect. Evaluate the following statements. 1. The workflow can persist the agent output after the run. 2. The instructions alone prove Copilot followed the process. 3. The required check can block merge when files are missing.
- A team allows Copilot coding agent to create pull requests, but wants automated validation before a human reviewer marks the PR ready. The workflow must run for pull requests targeting main, avoid broad write permissions, and upload SARIF results when static analysis produces a SARIF file. Which option completes the workflow?
- A team assigns a refactoring issue to Copilot cloud agent for a payments repository. Copilot opens a draft pull request that changes validation logic, updates tests, and modifies a workflow file. The team lead wants to merge after the unit tests pass because the PR was generated from an approved issue. The repository requires status checks, but CODEOWNERS review is not required for workflow changes. Which option best identifies the anti-pattern and mitigation?
- A team assigns Copilot coding agent an issue to improve an API endpoint. The issue says only “make the endpoint faster,” and Copilot opens a draft pull request. The PR changes database queries, caching behaviour, and an unrelated authentication middleware file. The checks pass, but reviewers disagree about whether the task is complete or in scope. Which change should the team make before assigning similar tasks again?
- A team configures a matrix workflow so each agent role writes a separate audit file. The team also wants an index artifact that can still be created when one agent role fails. Evaluate the following statements. 1. The matrix job can create one run-scoped artifact per agent role. 2. The index job downloads the role artifacts before creating the index. 3. The index job can run even if one matrix role fails.
- A team configures a protected environment named agent-execution. A workflow job that starts a Copilot agent task references that environment. The environment has required reviewers, and the workflow is triggered manually after an issue plan has been posted. Evaluate the following statements. 1. The job can wait for environment approval before running protected steps 2. The workflow_dispatch trigger alone proves the agent plan was approved 3. Required reviewers can help enforce a human gate before execution
- A team configures a remote helpdesk MCP server for Copilot cloud agent. The configuration validates JSON syntax, but the server is not available to the agent after saving. Which option best explains the failure? Select one answer.
- A team created a workflow that should comment on planning issues when the agent-plan label is applied. The workflow must not create branches or pull requests. A maintainer reports that the planning workflow failed after a Copilot-generated issue was labeled. Which option best explains the failure? Select one answer.
- A team creates a custom agent that should triage issues, inspect source files, and call a local MCP server for release-note metadata. A reviewer notices that the frontmatter defines an MCP server but also sets an empty tool list.
- A team creates a custom Copilot cloud agent for release triage. The agent should inspect repository files and search code, but it should not execute shell commands or use the configured Sentry MCP server until those tools are explicitly approved. Evaluate the following statements. 1. The custom agent can read, search, and edit repository content. 2. The Sentry MCP server is configured, but its tools are not enabled by this tools list. 3. Omitting the tools property or using tools: ["*"] would enable all available tools.
- A team creates an agent context bundle after reading the current issue, linked pull request, latest commit SHA, and failing check summary. A later job must consume the exact context bundle from the same workflow run. The team wants to avoid downloading a stale artifact from a previous run. Which option completes the workflow?
- A team designs a recovery workflow for degraded multi-agent releases. A failed multi-agent-release run should create an incident issue, while rollback must only run when an operator manually supplies a rollback SHA. Evaluate the following statements. 1. The detect job can open an issue for a failed agent release. 2. The rollback job runs automatically when multi-agent-release fails. 3. The rollback job can be held by required reviewers on production-rollback.
- A team evaluates Copilot cloud agent over 30 issue-assignment runs. The agent usually creates a draft pull request, but review feedback shows repeated violations in generated API changes. Which change should you make first? Select one answer.
- A team expects an agent execution job to reuse the state file produced by the planning job. The planning job completed successfully, but the execution job fails before running the agent. Which option best explains the behaviour? Select one answer.
- A team expects an agent workflow to run when an issue receives the agent-ready label. The issue was labeled by a maintainer, but no workflow run appears. Which option best explains the behaviour? Select one answer.
- A team has three repositories: web-portal, billing-api, and shared-libs. A developer wants Copilot coding agent to work only in billing-api, even though the issue mentions package names that also exist in shared-libs. Which option best scopes the agent to the intended repository? Select one answer.
- A team implements a fan-out/fan-in GitHub Actions workflow for an agent-generated pull request. The final summary job is supposed to run after security_agent_check and test_agent_check, but it starts after only the test job. Which option best explains the orchestration flaw?
- A team is auditing where different kinds of Copilot context should live. They want persistent facts, personal preferences, path-scoped implementation guidance, and curated task context kept separate so the agent does not apply unrelated memory to the wrong work item. Match each item to the best use. Which mapping is correct?
- A team is building a resume checklist for paused Copilot agent work. Match each state signal to the best resume action. Which mapping is correct?
- A team is defining escalation paths for agent-operated development workflows. Match each signal to the best escalation response. Which mapping is correct?
- A team is defining when an agent should use task-local context, Copilot Memory, repository instructions, or external tools. Match each item to the most appropriate memory strategy. Which mapping is correct?
- A team is designing control points for Copilot coding agent work. Match each GitHub or Copilot signal to the control decision it should drive. Which mapping is correct?
- A team is improving how it evaluates Copilot coding agent tasks. Match each task-design element to the best evaluation or control purpose. Which mapping is correct?
- A team is preparing several repositories for agentic development. Match each environment-specific constraint to the most appropriate GitHub or Copilot configuration approach. Which mapping is correct?
- A team is reviewing how to trace Copilot cloud agent work across issues, pull requests, session logs, commits, and enterprise audit events. Match each traceability signal to the correct meaning. Which mapping is correct?
- A team is reviewing MCP configuration concepts before publishing a custom Copilot cloud agent. Match each item to the correct meaning. Which mapping is correct?
- A team is reviewing several Copilot coding agent pull requests. The maintainers want to separate measurable execution signals from human judgment signals so they can tune future agent tasks more accurately. Match each item to the correct meaning. Which mapping is correct?
- A team is reviewing signals that can cause an agent to continue work from outdated assumptions. The agent uses GitHub Issues, pull requests, workflow artifacts, dependency caches, and repository custom instructions. Match each item to the correct mitigation. Which mapping is correct?
- A team is writing a task template for issues assigned to Copilot coding agent. The template must separate what the agent should use, what it should produce, how reviewers determine completion, and what evidence reviewers can inspect. Match each item to the correct meaning. Which mapping is correct?
- A team notices that Copilot repeatedly applies legacy billing migration guidance to unrelated mobile analytics tasks. They want to remove stale persistent context, keep valid billing conventions available only for billing files, and create a focused context area for the current analytics migration. Which four actions should you perform in order? 1. Create an analytics migration Copilot Space 2. Delete misleading repository memory facts 3. Move all billing notes into repository-wide instructions 4. Review stored Copilot Memory facts 5. Add billing conventions to path-specific instructions 6. Exclude the entire billing package from Copilot
- A team requires agent-plan-check / check-plan before merging Copilot-generated pull requests. A Copilot PR changes implementation files but does not include agent-plan.json. The required check is stuck as pending instead of failing. Which option best explains the behaviour? Select one answer.
- A team reviews evaluation failures from several Copilot-assisted tasks. Match each finding to the most appropriate memory refinement action. Which mapping is correct?
- A team reviews several Copilot coding agent tasks. Match each agent task to the evaluation signal that best proves the intended development outcome. Which mapping is correct?
- A team reviews the repository setup before allowing Copilot coding agent to work from assigned issues. The intended behaviour is that the agent can create its own implementation branch and open a draft pull request, but merging to main must remain protected. Repository configuration summary Copilot coding agent: enabled Default branch: main Branch protection for main: Require a pull request before merging: enabled Require status checks before merging: enabled Require review from Code Owners: enabled Allow force pushes: disabled Repository ruleset: Target: refs/heads/main Restrict branch creation: enabled for main only Restrict branch updates: enabled for main only Evaluate the following statements. 1. The agent can still create a separate implementation branch 2. The agent-created draft pull request can bypass required checks 3. The branch protection keeps direct changes to main controlled
- A team reviews whether the local agent session and repository setup provide a safe execution context. The repository is cloned to ~/work/payments-api, and the developer wants Copilot CLI to make only repository-scoped changes. Evaluate the following statements. 1. Starting from the repository path is safer than starting from the home directory. 2. The untracked customer export should be removed or isolated before the agent session. 3. The prompt fully prevents Copilot CLI from accessing unwanted local files.
- A team reviews whether this workflow isolates parallel agent validation for separate services in a monorepo. Evaluate the following statements. 1. The concurrency group isolates cancellation per pull request. 2. The matrix configuration prevents service jobs from running in parallel. 3. The artifact settings separate evidence for each service scope.
- A team reviews whether this workflow prevents a Copilot-generated pull request from deleting production data without a controlled human approval step. Evaluate the following statements. 1. The apply job can be held by protection rules on regulated-production. 2. The pull_request trigger alone proves the change is compliance-approved. 3. The validation job separates plan review from production application.
- A team runs three agent validation jobs in parallel: one for API changes, one for UI changes, and one for workflow changes. Each job must run in its own matrix copy, upload separate evidence, and avoid cancelling the other agent validations when one scope fails. Which option completes the workflow?
- A team says Copilot-generated pull requests are validated by CI. A draft pull request updates only Markdown runbooks and a prompt template. The required check named agent-sdlc-validation stays pending and blocks merge. Which option best explains the anti-pattern?
- A team updated repository instructions after evaluation showed the Copilot coding agent repeatedly used stale validation steps. You need a workflow that runs only when pull requests change memory or instruction files and executes the memory evaluation script before the PR can be merged. Which option completes the workflow?
- A team uses an issue label named agent-approved to indicate that a Copilot agent plan has been reviewed. They want a workflow that can be triggered manually after the approval label is added. The workflow should not run automatically from every pull request or push. Which option completes the workflow?
- A team uses Copilot Business and wants developers to use the GitHub remote MCP server from their IDEs. The organization has not previously allowed MCP servers in Copilot. The rollout must avoid local Docker setup and must confirm that GitHub issue and pull request tools are available before developers use the server for repository work. Which four actions should you perform in order? 1. Verify GitHub tools in Copilot Agent mode 2. Add the remote GitHub MCP URL to mcp.json 3. Enable MCP servers in Copilot policy 4. Configure a local Docker MCP server 5. Authenticate with GitHub or a scoped PAT 6. Update workflow triggers for pull requests
- A team uses Copilot cloud agent to investigate a flaky checkout failure. The agent posts several intermediate observations in chat, changes two test files, and opens a draft pull request. A reviewer joins the next day and cannot see why one failing test was treated as unrelated. The team wants future agent sessions to preserve decisions where reviewers can audit them. Which option best mitigates the context-drift risk?
- A team uses Copilot coding agent for implementation work, but wants repository controls to prevent unchecked merges. Review the workflow and repository rule summary. Evaluate the following statements. 1. The workflow can validate Copilot-created PRs that change src/** and target main. 2. The path filter prevents Copilot from modifying files outside src/**. 3. The repository rules keep merge approval separate from Copilot’s code generation.
- A team uses Copilot coding agent to work on issues. The repository requires a setup workflow that prepares the agent’s development environment before it makes changes. The workflow must install dependencies, avoid unnecessary write permissions, and use the special setup workflow filename expected by Copilot coding agent. Which option completes the setup correctly?
- A team uses Copilot to generate remediation pull requests. Automated tests can run without approval, but deploying the Copilot-generated change to production must wait for an authorized reviewer because the job can access production secrets. Which option completes the workflow?
- A team wants a deployment workflow that builds an agent-generated change with read-only repository access, then pauses before production deployment so an approved reviewer can inspect the output. The production environment has required reviewers configured.
- A team wants a GitHub Actions workflow that labels Copilot-created pull requests based on path risk. Changes under docs/** should be treated as low risk. Changes under src/auth/**, infra/deploy/**, or compliance/** should be marked for human intervention before privileged workflows or merge decisions. Which option completes the workflow?
- A team wants a manual evidence workflow for reviewing Copilot-created pull requests. The workflow must run only when a reviewer starts it, record the triggering user, pull request number, and commit SHA, and upload the evidence as an artifact without granting write access. Which option completes the workflow?
- A team wants a monitor job to summarize multi-agent execution results after validation and documentation jobs finish. The monitor should still run when one upstream job fails, but it should not run if the workflow is cancelled. The summary should record each upstream job result. Which option completes the workflow?
- A team wants a repeatable pattern for agent tasks that prevents context drift between the issue, the agent session, the pull request, and the validation workflow. The pattern must preserve progress and decisions as artifacts that reviewers can inspect later. Which four actions should you perform in order? 1. Ask Copilot to continue from the last unsaved chat context 2. Create or update the issue with scope and acceptance criteria 3. Capture implementation decisions in the draft PR description or comments 4. Upload validation evidence as a workflow artifact 5. Merge after the agent says the task is complete 6. Review the durable artifacts before marking the PR ready
- A team wants a repository-local workflow in inventory-service that validates Copilot-created pull requests for that repository only. The workflow should run when pull requests target main, should read repository contents, and should not request write access to issues or pull requests. Which option completes the workflow?
- A team wants a safe CI-based agent entry point. Maintainers should be able to invoke the agent for selected issues, the workflow must use least-privilege permissions, and agent-created pull requests must still pass normal validation before merge. Which four actions should you perform in order? 1. Add least-privilege workflow permissions for agent tasks 2. Define the CI trigger and required workflow inputs 3. Assign every new issue to the agent automatically 4. Add branch protection requiring validation checks 5. Commit the workflow to the protected default branch 6. Store a long-lived PAT as an Actions variable
- A team wants a workflow that preserves evidence from each agent-assisted stage so maintainers can analyze the behaviour after the run completes. Each job should upload a run-specific artifact instead of overwriting a shared latest artifact. Which option completes the workflow?
- A team wants an agent workflow to preserve task continuity between planning, tool invocation, and validation jobs. The state must be small enough for reviewers to inspect, large file details must move between jobs, and the execution job must not start until planning state exists. Which four actions should you perform in order? 1. Upload the state file as a workflow artifact 2. Define the state schema and allowed fields 3. Add needs from execution to the planning job 4. Store the state in repository secrets 5. Emit the state file path as a job output 6. Download the artifact before invoking the agent
- A team wants Copilot coding agent to work on small implementation issues without allowing it to independently merge changes. The team needs visible task progress, automated validation, and a clear human approval point before merge. Which four actions should you perform in order? 1. Configure required checks and CODEOWNERS review on main 2. Assign a scoped GitHub Issue to Copilot coding agent 3. Merge the pull request after Copilot opens it 4. Review the Copilot-created draft pull request and checks 5. Mark the PR ready only after human validation passes 6. Remove branch protection for bot-created pull requests
- A team wants Copilot to help fix failed checks on pull requests. The guardrail requirement is that Copilot may propose and commit fixes, but humans must decide whether security-sensitive changes are ready to merge. Which four actions should you perform in order? 1. Require CODEOWNERS review for sensitive paths. 2. Let Copilot bypass required reviews on bot PRs. 3. Configure required checks for automated validation. 4. Merge the PR when Copilot comments are resolved. 5. Ask Copilot to address review feedback on the PR. 6. Review the diff and approve only acceptable changes.
- A team wants Copilot-created pull requests to prove that an agent task preserved API compatibility and passed regression tests. The workflow should run on pull requests targeting main, use minimal repository permissions, and upload test evidence as an artifact for reviewers. Which option completes the workflow?
- A team wants Copilot-generated pull requests to run fast validation automatically. Human approval should be required only when the PR touches high-risk paths such as .github/workflows/**, src/auth/**, or src/payments/**. The workflow should run on pull requests to main and only read repository contents. Which option completes the workflow?
- A team wants each Copilot-generated pull request to publish a resumable agent handoff file. The file must record completed steps, rejected approaches, remaining work, and reviewer decisions. Reviewers must be able to download the file from the workflow run after the validation job completes. Which option completes the workflow?
- A team wants every Copilot-generated pull request to produce a drift report. The workflow should run on pull requests to main, read repository contents, run a script that compares the PR files against the issue scope, and persist the report as a workflow artifact for reviewers. Which option completes the workflow?
- A team wants every Copilot-generated pull request validation run to preserve the agent plan, test logs, and trace output as workflow artifacts, even when tests fail. The workflow should run for pull requests to main and keep enough evidence for later root-cause analysis. Which option completes the workflow?
- A team wants GitHub Copilot to help with a risky service refactor. The repository owner wants Copilot to inspect the repository and produce an implementation plan first, but no branch changes should be made until a maintainer has reviewed the plan and confirmed the execution boundary. Which four actions should you perform in order? 1. Ask Copilot to open a draft pull request immediately 2. Create a planning issue with scope, constraints, and validation expectations 3. Assign Copilot only after the approved plan becomes execution work 4. Review Copilot’s proposed plan before allowing implementation 5. Mark the Copilot-created pull request ready for review 6. Capture accepted plan steps as explicit execution criteria
- A team wants to improve how it evaluates Copilot coding agent work across issue assignments. The team has seen pull requests where tests passed, but reviewers later found requirement misunderstandings. Which four actions should you perform in order? 1. Require the agent to write a self-evaluation summary. 2. Define acceptance criteria and measurable task outcomes. 3. Map reviewer judgments to qualitative evaluation labels. 4. Configure workflows to collect quantitative validation signals. 5. Treat the Copilot PR summary as final success evidence. 6. Tune prompts after reviewing failed evaluation cases.
- A workflow is intended to allow agent-assisted validation only in octo-org/payments-api. The same workflow file was copied into octo-org/web-portal. A Copilot-created pull request in web-portal fails immediately. Which option best explains the failure? Select one answer.
- An agent-generated pull request fails after a workflow restores a cached context directory. The maintainer says the workflow appears to be using yesterday’s dependency and issue summary even though the issue was updated this morning. Which option best explains the failure? Select one answer.
- An engineering team is designing how an agent should share state across a GitHub Actions workflow, Copilot CLI session, and Copilot cloud agent context. Match each state-sharing mechanism to the best use. Which mapping is correct?
- An enterprise wants to allow only approved MCP servers for users with Copilot seats. The platform team configures the following enterprise-level policy and registry state.
- An enterprise wants to roll out MCP servers for Copilot users while allowing only approved servers. The security team wants a controlled allow list that supports discovery, blocks unapproved servers on supported surfaces, and includes approved local MCP servers. Which four actions should you perform in order? 1. Set Restrict MCP access to registry servers to Registry only 2. Tell developers to manually edit local MCP configuration files 3. Inventory approved MCP servers and required tool access 4. Publish a registry with correct server IDs and manifests 5. Configure the enterprise or organization MCP Registry URL 6. Set the restriction policy to Allow all during rollout
- An evaluation suite shows that a custom Copilot cloud agent frequently opens draft pull requests that pass linting but fail accessibility review. The failures cluster around React form components in web/forms/**. The team wants a defensible tuning loop rather than a one-off prompt change. Which four actions should you perform in order? 1. Add path-specific instructions for web/forms/**. 2. Measure failures by category and affected path. 3. Rerun the same evaluation cases. 4. Mark all existing draft PRs ready for review. 5. Add or update PR validation for accessibility checks. 6. Remove branch protection until the agent improves.
- An existing workflow already runs a planner agent and a test agent for pull requests. You need to add a security-review agent as a reusable workflow job so it runs after tests and can comment on the pull request with review findings. Which option completes the workflow?
- An organization allows Copilot cloud agent to create draft pull requests for normal application changes. Security policy requires code scanning to run on pull requests to main, and the same required check must run for merge queue entries. The workflow should not grant write access unless it is required. Which option completes the workflow?
- An organization has published an MCP registry that contains only approved internal MCP servers. Developers use Copilot CLI and supported IDEs to connect MCP servers during agent workflows. The organization setting MCP servers in Copilot is enabled, and the MCP Registry URL points to the approved registry. Security reports show developers can still use MCP servers that are not listed in the registry. Which configuration change should you make first?
- An organization is creating a custom Copilot cloud agent named incident-triage. The internal MCP server documentation says the server name is incident and its only required read-only tool for this agent is search_incidents. The agent profile must expose that MCP tool to the custom agent and pass the token from an Agents secret. Which option completes the agent profile?
- An organization wants a custom Copilot cloud agent to diagnose Sentry-backed GitHub issues. The agent should use only the external tools required for diagnosis, authenticate through the correct Copilot agent secret mechanism, and prove the tools are available before the agent is used broadly. Which four actions should you perform in order? 1. Identify the exact repository and external tools required 2. Enable every MCP tool for faster first-run discovery 3. Configure the MCP server with specific allowed tools 4. Store the token as a matching Agents secret 5. Save a broad PAT as a GitHub Actions secret 6. Run a test session and review MCP startup logs
- An organization wants to let Copilot coding agent work on selected repository issues. The agent should be able to create implementation branches and draft pull requests, but repository maintainers must still review and merge the work through the normal pull request process. The repository already has branch protection on main, but Copilot coding agent has not yet been enabled. Which four actions should you perform in order? 1. Review the draft pull request and required checks 2. Create or select a clearly scoped implementation issue 3. Disable required reviews on the default branch 4. Enable Copilot coding agent for the repository 5. Merge the pull request before reviewing generated changes 6. Assign the scoped issue to Copilot
- Copilot cloud agent is assigned to modernize checkout event publishing. The draft plan proposes reintroducing an endpoint that was removed from the repository last month. Which action should you take first? Select one answer.
- Copilot coding agent opened a draft pull request for an issue that required two outcomes: Preserve the public REST API contract. Add a regression test for the reported bug. The PR summary says both were completed, but the evaluation workflow failed. Which option best explains the evaluation result?
- Evaluation results show that the agent now follows current repository conventions, but regressions appear when instruction files are edited without running validation. Review the configuration. Evaluate the following statements. 1. The instruction file can provide repository-wide guidance to Copilot. 2. The workflow runs when only .github/copilot-instructions.md changes. 3. Outdated instructions can reintroduce stale agent behavior.
- Evaluation showed that Copilot CLI was using unrelated local notes when proposing refactors. A developer tries to reproduce the issue from a terminal session. Which change should you make first? Select one answer.
- Evaluation shows that Copilot code review repeatedly misses unsafe SQL string concatenation in migration files. The team adds path-specific instructions for database migrations. Evaluate the following statements. 1. These instructions are scoped to files matching db/migrations/**/*.sql. 2. These instructions replace the need to review Copilot’s output. 3. The next evaluation run should check whether review comments changed on migration PRs.
- Evaluation shows that Copilot-generated pull requests often pass unit tests but break the packaging step. The packaging check must run for pull requests to main, and the same check must also run for merge queue entries because the branch protection rule requires it. Which option completes the workflow?
- Refer to https://docs.google.com/document/d/1gfwVdVdN54OeWzl_fiCP8ZY-Taz1lsrnTcFI1zNWNhU/edit?usp=sha ring Apex needs to implement Planned change 1 and Technical requirement 1 before assigning issue #318 to Copilot again. The team wants the GitHub Issue to prevent vague prompts such as “fix the port scheduler infrastructure.” Which four actions should you perform in order? 1. Convert the completed request into an agent-ready GitHub Issue 2. Define expected outputs and affected repository paths 3. Ask Copilot to infer forbidden actions from Terraform logs 4. Identify service scope, approval path, and operational risk 5. Add success evidence such as plan output and required checks 6. Allow Copilot to apply infrastructure if tests pass
- Refer to https://docs.google.com/document/d/1gfwVdVdN54OeWzl_fiCP8ZY-Taz1lsrnTcFI1zNWNhU/edit?usp=sha ring Apex needs to implement Planned change 4 and Technical requirement 4. Match each state problem to the best control. Which mapping is correct?
- Refer to https://docs.google.com/document/d/1gfwVdVdN54OeWzl_fiCP8ZY-Taz1lsrnTcFI1zNWNhU/edit?usp=sha ring Apex needs to implement Technical requirement 3. Terraform apply operations must be manually triggered, must use the protected port-prod environment, and must not expose environment secrets before approval. Which option completes the workflow?
- Refer to https://docs.google.com/document/d/1gfwVdVdN54OeWzl_fiCP8ZY-Taz1lsrnTcFI1zNWNhU/edit?usp=sha ring Apex needs to respond to the failed agent-policy-check run. The Copilot-created pull request adds a workflow that attempts to apply production infrastructure during pull request validation. Which option best explains the required response? Select one answer.
- Refer to https://docs.google.com/document/d/1gfwVdVdN54OeWzl_fiCP8ZY-Taz1lsrnTcFI1zNWNhU/edit?usp=sha ring Apex wants to evaluate whether the new Copilot implementation improves infrastructure-change quality after Planned changes 1 through 5 are implemented. Leadership does not want a metric that rewards only the number of Copilot-created pull requests. Which evaluation set best matches Apex’s requirements? Select one answer.
- Refer to https://docs.google.com/document/d/1txFFr-X2gg7EGfVfaJjBJZRPWYg6wGxTHne7cD85Ipk/edit?usp=sha ring Lucerne needs to implement Planned change 1 and Technical requirement 1. A developer tries to continue Copilot work for issue #904 from a folder containing local lab notes and exported CSV files. Which change should you make first? Select one answer.
- Refer to https://docs.google.com/document/d/1txFFr-X2gg7EGfVfaJjBJZRPWYg6wGxTHne7cD85Ipk/edit?usp=sha ring Lucerne needs to implement Planned change 2 and Technical requirement 2. The issue form must force requesters to define the expected result, excluded actions, affected files, and validation evidence before assigning Copilot. Which option completes the issue form?
- Refer to https://docs.google.com/document/d/1txFFr-X2gg7EGfVfaJjBJZRPWYg6wGxTHne7cD85Ipk/edit?usp=sha ring Lucerne needs to implement Planned change 4 and Technical requirement 3. The resume workflow evaluates the stored agent state before allowing Copilot to continue execution.
- Refer to https://docs.google.com/document/d/1txFFr-X2gg7EGfVfaJjBJZRPWYg6wGxTHne7cD85Ipk/edit?usp=sha ring Lucerne needs to implement Planned change 5 and Technical requirement 5. The required report-policy check must run when files under release-reports/** change. The workflow validates report metadata and comments nowhere, commits nothing, and uploads no SARIF. Which option completes the workflow?
- Refer to https://docs.google.com/document/d/1txFFr-X2gg7EGfVfaJjBJZRPWYg6wGxTHne7cD85Ipk/edit?usp=sha ring Lucerne needs to respond to a failed validate-analysis run for draft pull request #377. The approved plan allowed changes to analysis/pipeline.py, but not to threshold configuration. Which option best explains what Lucerne should do next? Select one answer.
- Three agents have produced draft pull requests for the same repository. Two PRs update src/auth/session.ts, and one PR updates the login test suite based on assumptions from only one of those implementations. The maintainer wants to resolve the conflict without losing useful work. Which four actions should you perform in order? 1. Compare changed files and identify shared ownership conflicts 2. Mark all draft pull requests ready for review 3. Choose or create one canonical implementation path 4. Rebase or update dependent PRs against the chosen path 5. Merge the PR with the highest test coverage first 6. Re-run checks and review outputs against the original issues
- Three Copilot coding agent tasks are active in the same repository. One task modifies authentication, one modifies checkout, and one updates deployment workflows. Integration checks begin failing only when the agent pull requests are tested together in the merge queue. Which four actions should you perform in order? 1. Require CODEOWNER review for the shared workflow and auth files. 2. Re-enable merge queue after the conflicting PRs are reconciled. 3. Pause or remove the affected PRs from the merge queue. 4. Merge the PR with the smallest diff first. 5. Inspect merge-group logs and coordination artifacts. 6. Disable required checks for the agent-created PRs.
- Two Copilot agent tasks update different services in the same monorepo. Each task opens a draft pull request. The validation workflow is expected to keep their runs separate, but one run cancels the other. Which option best explains the issue? Select one answer.
- Two Copilot coding agent pull requests were opened from separate issue assignments. One PR updates the shared authentication middleware, and the other adds a payment callback that depends on the middleware behaviour. The merge queue fails after both PRs are queued. Which response should you take first? Select one answer.
- Two Copilot coding-agent tasks were started from separate issues. One agent was assigned to improve checkout error handling, while another was assigned to update payment retry behaviour. Both draft pull requests are now failing integration. Which option best resolves the agent conflict? Select one answer.
- Your organization allows Copilot coding agent to work on assigned issues. You must configure the repository so agent work produces reviewable evidence through normal pull request tooling before maintainers merge the change. Which four actions should you perform in order? 1. Add a PR workflow that validates and uploads the evidence directory. 2. Define the required artifact contents in repository agent instructions. 3. Rely on the Copilot-generated PR summary as the artifact. 4. Require the observability workflow check for protected branches. 5. Require the agent to write plan and validation files under agent-output/. 6. Upload inspection artifacts only after merge to main.
- Your team wants to let Copilot coding agent work on low-risk issues autonomously while ensuring human review before shared integration changes are promoted. The current process asks a reviewer to approve every agent action before tests run, which causes long delays and abandoned sessions. Which four actions should you perform in order? 1. Require the integration environment reviewer before deployment jobs proceed 2. Assign every Copilot issue to a senior reviewer before planning starts 3. Let automated tests and code scanning run before the human gate 4. Mark Copilot draft pull requests ready immediately after creation 5. Require branch protection checks for merge-critical validation jobs 6. Review the Copilot draft PR before approving the integration gate
Pass your GitHub exam — faster
Every verified answer and explanation in one place. Practice the full exam and save hours of prep — free to start.
Pass your exam →