Awesome-omni-skill copilot-vscode
VS Code Copilot platform reference: .agent.md all frontmatter fields, built-in tool names, agent types, context engineering, subagents, handoffs, MCP config, SKILL.md integration, custom instructions. Load when working with custom agents, tool lists, context strategy, or any VS Code Copilot platform feature.
install
source · Clone the upstream repo
git clone https://github.com/diegosouzapw/awesome-omni-skill
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/diegosouzapw/awesome-omni-skill "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/tools/copilot-vscode" ~/.claude/skills/diegosouzapw-awesome-omni-skill-copilot-vscode && rm -rf "$T"
manifest:
skills/tools/copilot-vscode/SKILL.mdsource content
SKILL: VS Code Copilot Platform
Load when the task concerns custom agent files (
), tool selection, context strategy, subagents, handoffs, MCP servers in VS Code, SKILL.md configuration, or any VS Code Copilot feature..agent.mdOfficial documentation: https://code.visualstudio.com/docs/copilot GitHub source: https://github.com/microsoft/vscode-docs/tree/main/docs/copilot Use
in chat to read any page listed in the index at the bottom of this skill.#fetch <url>
When to Load This Skill
- Creating or reviewing a
file.agent.md - Choosing which tools to include (least-privilege applies — see ai-security SKILL)
- Designing a subagent workflow or handoff chain
- Configuring MCP servers in
.vscode/mcp.json - Setting up custom instructions or
copilot-instructions.md - Context engineering: what VS Code puts in the context window, and how to control it
- Any question about VS Code Copilot agent types, modes, or settings
.agent.md
Frontmatter — All Valid Fields
.agent.md--- description: <string> # shown as placeholder in Chat input; one-sentence role summary name: <string> # display name; if omitted, file name is used tools: [<tool-name>, ...] # allowed tools — see Built-in Tool Names below agents: [<agent-name>, ...] # allowed subagents; '*' = all, [] = none model: <string | string[]> # model name or priority list; if omitted = user's current picker user-invokable: <bool> # show in agents dropdown (default: true) disable-model-invocation: <bool> # prevent being called as subagent (default: false) argument-hint: <string> # hint text in chat input field handoffs: # guided transitions to other agents - label: <string> # button text agent: <agent-name> # target agent id prompt: <string> # pre-filled prompt for target send: <bool> # auto-submit prompt (default: false) model: <string> # model for the handoff (format: 'Model Name (vendor)') target: vscode | github-copilot # deployment target (default: vscode) ---
Key rules:
must match the file name for reliable detection by VS Codename- VS Code detects any
in.agent.md
automatically (no registration needed).github/agents/
hides from dropdown but still allows subagent invocationuser-invokable: false
blocks subagent invocation but keeps it in dropdowndisable-model-invocation: true- These two fields replace the deprecated
fieldinfer:
Built-in Tool Names for tools:
List
tools:File & code tools
| Tool name | What it does |
|---|---|
| Read file contents |
| Edit existing files |
| Create new files |
| Search files by name/glob |
| Full-text search across workspace |
| Semantic workspace search ( |
| Find symbol usages and references |
| Combined search tool |
Execution tools
| Tool name | What it does |
|---|---|
| Run terminal commands |
| Access Problems panel (linting, compiler errors) |
| Access current source control changes |
Network tools
| Tool name | What it does |
|---|---|
| Fetch URL content |
| Web search |
| Search a GitHub repository |
Agent tools
| Tool name | What it does |
|---|---|
| Required when using |
Tool sets (reference a group as one name):
#edit#searchtoolsets.jsoncMCP tools: reference as
<server-name>/<tool-name><server-name>/*Least-privilege rule (A1.6): give each agent only the tools required for its specific role. Critics: read-only only (
,readFile,fileSearch).textSearch
Tool Approval & Auto-Approve (chat.tools.autoApprove
)
chat.tools.autoApproveVS Code Copilot can require user confirmation for tool usage. The setting below can allow specific tools to run without prompting.
Architect guidance:
- Prefer no auto-approve by default.
- If you enable auto-approve, scope it to the lowest-risk, read-only tools.
- Never auto-approve anything that can make irreversible changes (deleting resources, sending messages, writing to remote systems).
Threat model reminder (A1.6): tool auto-approval increases the blast radius of prompt injection and mis-scoped agent permissions.
Tool Sets (toolsets.jsonc
)
toolsets.jsoncTool sets let you reference a named bundle of tools instead of listing each tool repeatedly. This helps keep
.agent.mdArchitect guidance:
- Use tool sets to encode role capabilities (e.g.,
,docs-readonly
) and keep them stable.repo-editor - Review tool sets like an API surface: changes can silently widen agent permissions.
- Prefer multiple small tool sets over one broad “kitchen sink” set.
Note: the exact
format and lookup rules are VS Code-specific. Usetoolsets.jsoncon the official docs index at the bottom of this skill when you need the precise schema.#fetch
Agent Types (VS Code)
| Type | Where it runs | When to use |
|---|---|---|
| Local — Agent | VS Code, interactive | Complex multi-file tasks, iterative work, needs editor/terminal context |
| Local — Plan | VS Code, interactive | Breaking down complex tasks before implementation; generates structured plan |
| Local — Ask | VS Code, interactive | Questions about codebase; read-only research |
| Background agent | VS Code, background | Well-defined tasks while you keep working |
| Cloud agent | GitHub, remote | Automated PRs, tasks requiring team collaboration, CI-style jobs |
| Third-party agent | External provider / extension / service | When a non-Microsoft agent workflow is required (policy-approved), e.g., vendor-specific capabilities or integrations not available via built-in agents |
| Custom agent | Local or cloud | Specialized persona: security reviewer, planner, architect, etc. |
Selection guide (architect-facing):
Pick the execution surface first:
- Needs continuous back-and-forth, live editor state, stack traces, linting → Local — Agent
- Needs a plan artifact first, before any changes → Local — Plan
- Needs read-only investigation / explanation → Local — Ask
- Needs autonomy while the user keeps coding in VS Code → Background agent
- Needs a PR-oriented workflow (review + CI), or work should continue without the user's machine → Cloud agent
Then pick the persona:
- Needs a specialized, stable role with least-privilege tools (critic, architect, compliance reviewer) → Custom agent (
).agent.md
Use third-party agents only when necessary:
- If the requirement is “a tool/integration”, prefer adding an MCP tool over introducing a new agent provider.
- If a third-party agent is required, confirm it is policy-approved and treat it as a trust-boundary crossing (A1.6): minimize shared context, avoid secrets, and prefer read-only tasks.
Quick decision checklist (copy into your recommendation):
- Output: chat answer vs code changes vs PR
- Context need: current editor state vs repo-only context
- Runtime need: terminal/linters/tests required?
- Collaboration: needs CI + review trail?
- Risk: any irreversible actions? → require explicit confirmation
- Trust boundary: any external/third-party processing? → minimize context and verify approvals
Subagents
What they are: child agents with isolated context windows. Main agent waits for result, receives only the summary — not the full subagent conversation.
When to use:
- Offload research so main agent context stays focused
- Run multiple analyses in parallel (VS Code runs subagents concurrently)
- Isolate experimental work (dead ends don't pollute main context)
- Apply specialized behavior (use a security-reviewer custom agent as subagent)
How to invoke in a prompt:
Use a subagent to research OAuth 2.0 patterns for Node.js. Return a recommendation.
In
:.agent.md
tools: ['agent', 'readFile', 'fileSearch'] agents: ['forgent-docs-critic', 'forgent-process-critic'] # or '*' for all
Key properties:
- Synchronous: main agent blocks until subagent returns
- Parallel: multiple subagents can run concurrently
- Subagents start with a clean context window — they do NOT inherit main agent instructions
+ subagent-only agents: used for internal pipeline stepsuser-invokable: false
Ref: https://code.visualstudio.com/docs/copilot/agents/subagents
Handoffs
Transition from one agent to another with context and a pre-filled prompt. Handoff buttons appear after a response completes.
handoffs: - label: "Start Implementation" agent: forgent-spec-editor prompt: "Now implement the plan outlined above." send: false # user reviews before submitting - label: "Review Changes" agent: forgent-process-critic prompt: "Review the changes made in the previous step." send: true # auto-submits model: "Claude Sonnet 4.5 (copilot)"
Use for: plan → implement → review pipelines; multi-step workflows where human reviews each step.
Context Engineering in VS Code
How VS Code assembles context
- System prompt — agent body from
.agent.md - Custom instructions — from
+ anycopilot-instructions.md*.instructions.md - Conversation history — compressed when context window fills
- Explicit
-mentions —#
,#file
,#codebase
,#web
, etc.#changes - Automatic context — current editor, workspace index, git state
- Tool outputs — added per iteration in the agent loop
Context sources reference
| What it adds |
|---|---|
| Specific file contents |
| Semantic workspace search result |
| Current source control diff |
| Problems panel contents |
| Web search result |
| URL content |
| GitHub repository search |
Workspace index
- Remote index: built from committed state on GitHub/Azure DevOps — best for large codebases
- Local index: uncommitted changes, hybrid with remote
- Build index: Build Remote Workspace Index command in Command Palette
files are excluded from index (unless opened).gitignore
Ref: https://code.visualstudio.com/docs/copilot/reference/workspace-context
Custom Instructions vs SKILL.md
Custom instructions ( | SKILL.md | |
|---|---|---|
| Purpose | Coding standards, guidelines, always-on rules | Specialized capabilities, lazy-loaded knowledge |
| When loaded | Always (every chat interaction) | On-demand when relevant |
| Content | Instructions only | Instructions + scripts + examples + resources |
| Standard | VS Code-specific | Open standard (agentskills.io), portable |
| Location | | |
Rule: keep
copilot-instructions.mdSKILL.md detection locations
VS Code searches for skills in:
.github/skills/<name>/SKILL.md
← this repo's convention.agents/skills/<name>/SKILL.md.claude/skills/<name>/SKILL.md- User profile:
~/.copilot/skills/<name>/SKILL.md
To add more locations:
setting(chat.agentSkillsLocations)MCP Server Configuration (.vscode/mcp.json
)
.vscode/mcp.json{ "servers": { "<server-name>": { "type": "stdio", "command": "npx", "args": ["-y", "@scope/mcp-server"], "env": { "API_KEY": "${input:api-key}" } }, "<remote-server>": { "type": "http", "url": "https://api.example.com/mcp", "headers": { "Authorization": "Bearer ${input:token}" } } }, "inputs": [ { "id": "api-key", "type": "promptString", "description": "API Key", "password": true } ] }
Key rules:
— server runs in foreground, communicates via stdin/stdout (notype: stdio
for Docker)-d
— VS Code tries HTTP Stream transport first, falls back to SSEtype: http- Secrets via
— never hardcode credentials${input:...} - Tools available as
in<server-name>/<tool-name>
liststools: - Supply chain risk: every MCP server is a new attack surface (OWASP LLM06)
Ref: https://code.visualstudio.com/docs/copilot/reference/mcp-configuration
.vscode/settings.json
— Agent Registration
.vscode/settings.json{ "chat.agentFilesLocations": { ".github/agents": true // scan this folder for .agent.md files }, "chat.agentSkillsLocations": [ ".agents/skills" // additional SKILL.md search path ], "chat.agent.enabled": true, // must be true for agent mode "chat.tools.autoApprove": {} // per-tool auto-approval config }
Architect guidance (minimal safe defaults):
- Keep
empty unless you have a clear reason and a documented safety boundary.chat.tools.autoApprove - If you must add entries, prefer read-only tools first (search/read) and keep the list explicit.
Coverage Checklist — Upstream customization/
Docs
customization/This skill now includes explicit coverage for every page currently in:
https://github.com/microsoft/vscode-docs/tree/main/docs/copilot/customizationUpstream pages (folder contents):
overview.mdcustom-instructions.mdprompt-files.mdagent-skills.mdcustom-agents.mdhooks.mdlanguage-models.mdmcp-servers.md
Design intent for multi-agent systems (A1.2): treat custom instructions as baseline constraints, prompt files as repeatable task macros, custom agents as tool-scoped personas, skills as portable capability packages, MCP as external tool surface, hooks as deterministic guardrails.
Customization Overview — Choosing the Right Mechanism
Use this as a decision table when designing your agent system.
| Goal | Prefer | Why |
|---|---|---|
| Enforce global repo conventions | Custom instructions | Always included; low operational overhead |
| Different rules per language/folder | File-based instructions | Scoped by |
| Repeatable single task (“do X”) | Prompt file ( | Explicit invocation via |
| Multi-step capability + assets | Agent Skill (SKILL.md + resources) | Progressive disclosure + portability |
| Specialist persona + tool boundary | Custom agent ( | Least-privilege tools per role |
| External API / DB / browser / SaaS | MCP server | Adds tool capabilities beyond VS Code built-ins |
| Deterministic enforcement / automation | Hooks | Executes code at lifecycle events; can block tools |
Prompt files vs custom agents:
- Prompt file = “run this procedure” (task).
- Custom agent = “be this role” (persona + tool boundary + optional handoffs/subagents).
Project bootstrap & diagnostics
can generate a starter/init
tailored to the workspace; treat it as a draft to review..github/copilot-instructions.md- If customizations don’t apply as expected: open Chat Configure Chat (gear) → Diagnostics and verify which agents/prompt files/instructions/skills are loaded and whether they have validation errors.
Custom Instructions — Files, Scope, and Precedence
Instruction types
- Always-on (applies to every request)
- File-based (applies when files match patterns or description matches task)
Common file locations (workspace)
- Always-on:
.github/copilot-instructions.md - File-based:
(default).github/instructions/**/*.instructions.md
Additional supported sources (use intentionally)
(always-on instructions file supported by VS Code)AGENTS.md- In this repo,
is also the orchestrator repo map.AGENTS.md - If you also use it as Copilot instructions: keep it dual-purpose and avoid contradictions.
- In this repo,
(always-on for Claude-compat tooling)CLAUDE.md
.instructions.md
frontmatter (key fields)
.instructions.md
: glob pattern relative to workspace root (useapplyTo
to apply to all)**
,name
: UI metadata; keep descriptions explicit so semantic matching worksdescription
Settings you may need (diagnostics-oriented)
— add extra folders for instructions discoverychat.instructionsFilesLocations
— enable/disablechat.useAgentsMdFile
detectionAGENTS.md
— nestedchat.useNestedAgentsMdFiles
in subfolders (experimental)AGENTS.md
— include pattern-matched instructions automaticallychat.includeApplyingInstructions
— include instructions referenced via Markdown linkschat.includeReferencedInstructions
Priority model (conflict resolution)
When multiple sources exist, higher priority generally wins:
- Personal/user instructions
- Workspace/repository instructions
- Organization-level instructions
Portability & team rollout
- Organization-level instructions exist (GitHub org feature); use them for baseline policies across repos.
- Settings Sync can sync user prompt/instruction files across devices (look for the “Prompts and Instructions” sync category).
Architect checklist (keep it effective and safe):
- Keep always-on instructions short and stable; move deep procedures into skills.
- Explain the “why” behind non-obvious rules; include 1–2 examples for edge cases.
- Never embed secrets; reference env vars or input prompts only.
Prompt Files (.prompt.md
) — Slash Commands, Tools, Variables
.prompt.mdLocations
- Workspace:
.github/prompts/**/*.prompt.md - User profile: profile
folderprompts/ - Configure additional locations with
chat.promptFilesLocations
Frontmatter fields (high-signal)
,name
,descriptionargument-hint
:agent
|ask
|agent
|plan<custom-agent-name>
: optional; falls back to pickermodel
: optional; can include MCP tools andtools<server>/*
Variable interpolation (design for reuse)
- Workspace:
,${workspaceFolder}${workspaceFolderBasename} - File context:
,${file}
,${fileBasename}
,${fileDirname}${fileBasenameNoExtension} - Selection:
,${selection}${selectedText} - Input:
/${input:var}${input:var:placeholder}
Tool list priority
If both prompt + agent specify tools, effective tools follow:
- Prompt file tools
- Tools from referenced custom agent
- Default tools of selected agent
Architect checklist:
- Prefer prompt files for repeatable “one-shot” workflows.
- Use prompt files to narrow tools for a specific workflow, not broaden them.
- Reference instructions/skills via Markdown links instead of duplicating rules.
Agent Skills — Progressive Disclosure and Portability
What a skill is
- A folder containing
(required) and optional resources/scripts.SKILL.md - Skills are auto-loaded on relevance or invoked via
./
Skill discovery and loading (3 levels)
- Discovery: only
+name
metadata is considereddescription - Instructions load: body of
is loaded when relevantSKILL.md - Resource access: other files in the skill folder are accessed on demand
Skill frontmatter knobs
→ hidden from slash menu, still auto-loadableuser-invokable: false
→ manual-only (no auto-load)disable-model-invocation: true
Locations
- Project skills:
,.github/skills/
,.agents/skills/.claude/skills/ - Personal skills:
,~/.copilot/skills/
,~/.agents/skills/~/.claude/skills/ - Extend discovery with
chat.agentSkillsLocations
Architect checklist:
- Put “how-to” + examples + scripts in skills; keep global instructions minimal.
- Write skill
like a classifier: capability + trigger phrases.description - Treat skills as a reusable library; version and review them like code.
Custom Agents (.agent.md
) — Personas, Tools, Subagents, Handoffs
.agent.mdThis skill already contains the complete
.agent.mdAdd these customization-specific reminders:
- Custom agents were formerly “custom chat modes”;
→.chatmode.md
..agent.md - If you declare
(subagents), ensureagents:
includestools:
.agent - Handoffs are best for plan → implement → review workflows with human gates.
Hooks — Deterministic Policy and Automation (Preview)
Hooks execute shell commands at lifecycle points and can block/ask/allow tool usage.
Hook events (current set)
SessionStartUserPromptSubmitPreToolUsePostToolUsePreCompactSubagentStartSubagentStopStopHook config locations
- Workspace shared:
.github/hooks/*.json - Claude-compatible:
,.claude/settings.json.claude/settings.local.json - User:
~/.claude/settings.json
Security posture (A1.3)
- Hooks run with your VS Code permissions; treat them as executable code.
- Do not let agents freely edit hook scripts without manual approval.
- Validate/sanitize hook stdin JSON to avoid injection.
Troubleshooting essentials
- Use Chat Diagnostics to see loaded hooks and validation errors.
- Check the Output panel channel for Copilot Chat Hooks to inspect stdout/stderr.
- If using
/Stop
“block” behavior, guard against infinite loops by respectingSubagentStop
.stop_hook_active
Language Models — Constraints That Affect Agent Design
Agent mode may restrict model availability to tool-capable models.
Design implications:
- Prefer explicit
in a custom agent when output consistency matters.model: - If relying on BYOK models, verify tool-calling capability and understand that some Copilot service steps may still occur (embeddings/indexing/intent routing).
- Treat “Auto model selection” as a performance feature, not a governance control.
Also relevant knobs:
- Inline chat can have a different default model via
.inlineChat.defaultModel - Inline suggestions use a separate completions model selection path; don’t assume chat model changes affect suggestions.
MCP Servers — External Tool Surface and Trust
This skill already includes a baseline
.vscode/mcp.jsonAdd these operational/security essentials (A1.3 / LLM06):
- Installing local MCP servers can run arbitrary code; review publisher and config.
- Prefer workspace
for team-shared config; user profile for personal tools.mcp.json - Use input variables / env vars; never hardcode secrets.
- Beyond tools, MCP can provide: resources, prompts, and MCP apps.
- Understand trust prompts: starting from config may bypass interactive trust UX.
Official Documentation Index
Use
#fetch <url>