From aa6c429a3cc809ae52ada3c209ff584e4b62cb3d Mon Sep 17 00:00:00 2001 From: 35C4n0r Date: Fri, 13 Mar 2026 19:23:14 +0530 Subject: [PATCH] feat: add warning in README.md --- registry/coder-labs/modules/copilot/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/registry/coder-labs/modules/copilot/README.md b/registry/coder-labs/modules/copilot/README.md index f67ad560..7005e1ca 100644 --- a/registry/coder-labs/modules/copilot/README.md +++ b/registry/coder-labs/modules/copilot/README.md @@ -19,6 +19,9 @@ module "copilot" { } ``` +> [!WARNING] +> **Security Notice**: This module runs Copilot with `--allow-all` by default, which enables all permissions (equivalent to `--allow-all-tools --allow-all-paths --allow-all-urls`). This bypasses permission prompts and allows Copilot unrestricted access to tools, file paths, and URLs. Use this module _only_ in trusted environments. + > [!IMPORTANT] > This example assumes you have [Coder external authentication](https://coder.com/docs/admin/external-auth) configured with `id = "github"`. If not, you can provide a direct token using the `github_token` variable or provide the correct external authentication id for GitHub by setting `external_auth_id = "my-github"`.