Vibe Coding
GitHub Ships /security-review in the Copilot Desktop App — Pre-Commit LLM Scanning for All Tiers, Including Free
On 2026-07-14 GitHub made its /security-review slash command available in the Copilot desktop app (previously CLI/experimental-only), bringing AI pre-commit vulnerability scanning to every subscriber including the Free tier with no terminal required. It analyzes the uncommitted workstream diff for five classes — injection (SQLi/shell), XSS, insecure data handling, path traversal, and weak crypto — and returns severity/confidence-scored findings you can fix and re-verify in place. Caveat: it runs the same class of model that generates false positives, so treat it as triage rather than a merge gate.
↳ Follow the thread