
Photo: Jakub Zerdzicki / Pexels
Copilot CLI Gets LLM-Judged Auto-Approvals, Mid-Turn MCP Swapping, and GitHub Actions GITHUB_TOKEN Support
Chris Harper
2 min read
Jul 6, 2026 · 12:08 UTC
TL;DR: GitHub Copilot CLI v1.0.69-1 adds LLM-judged auto-approvals, the ability to enable/disable MCP servers mid-turn, stayInAutopilot mode, and GITHUB_TOKEN support in GitHub Actions — no personal access token needed.
GitHub Copilot CLI v1.0.69-1 (July 4) ships four features that change how long agent sessions feel in practice.
Auto allow-all mode
Instead of approving every tool call manually, Copilot CLI can now run an LLM judge to evaluate each request against your stated intent and auto-approve acceptable ones. This mirrors Claude Code's Auto permission mode — the right choice for well-understood, repetitive agentic tasks where you trust the CLI's judgment. Like Claude Code's implementation, you stay in control by defining the scope upfront rather than rubber-stamping each step.
/mcp manager mid-turn
The /mcp panel can now be opened while the agent is working. You can enable or disable MCP servers on the fly; add/edit/delete/re-auth operations queue and execute after the current turn finishes. The new /mcp list command shows all attached servers and their live status — no more killing the session to check what's connected.
This is particularly useful when you're debugging a multi-tool workflow: if one server is misbehaving, you can disable it mid-run without losing the session context you've built up.
stayInAutopilot
By default, Copilot CLI drops back to interactive mode when an autopilot task completes. A new stayInAutopilot option keeps it in autopilot after a task, which matters when you're chaining tasks or watching a long pipeline run to completion without re-prompting between steps.
GITHUB_TOKEN in Actions (July 2)
Copilot CLI can now authenticate in GitHub Actions using the built-in GITHUB_TOKEN directly — no personal access token or separate repository secret required. This removes the most common security anti-pattern in CI agent setups: long-lived credentials tied to an individual developer that need rotation and break when that person leaves.
- name: Run Copilot CLI agent
uses: github/copilot-cli-action@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
prompt: "Review the diff and flag any security issues"
Sources: Copilot CLI releases — GitHub Releasebot · Adding MCP servers for GitHub Copilot CLI — GitHub Docs · Configuring GitHub Copilot CLI