GitHub Agentic AI Developer · 25% of the exam

GitHub Copilot Extensions and Custom Agents: free practice questions

5 sample questions from our 12-question bank for this domain — answers and explanations included. These are the same scenario-based style as the real GitHub exam.

1. An engineer is testing a locally running Copilot Extension backend on their development machine. Since GitHub must be able to reach the backend to deliver Copilot Chat messages, which tool or technique is MOST appropriate for enabling this during development?

  • A. Deploy the backend to a staging environment on a cloud provider for every test iteration
  • B. Use the GitHub Copilot Extension CLI with local tunneling (e.g., via a tool like ngrok or the CLI's built-in tunnel) to expose the local server to GitHub✓ Correct
  • C. Configure a GitHub Actions workflow to spin up a runner that connects to the local machine
  • D. Set the Copilot Agent URL to localhost in the GitHub App settings, since GitHub resolves localhost to the developer's machine
Explanation

The standard and recommended approach for local development of Copilot Extensions is to use local tunneling tools—such as ngrok, or the tunneling capability provided by the GitHub Copilot Extension CLI—which create a publicly reachable URL that forwards traffic to your local server. The Copilot Extension CLI is specifically designed to streamline this testing workflow. Option A is incorrect because re-deploying to a cloud environment for every test iteration is impractical and slow; local tunneling is the standard developer workflow. Option C is incorrect because GitHub Actions runners are ephemeral CI/CD workers and cannot be used to proxy traffic to a developer's local machine in the way described. Option D is incorrect because GitHub's servers cannot resolve 'localhost' to the developer's own machine—localhost refers to the machine running the process (GitHub's servers in this case), not the developer's workstation.

2. A platform team has built an internal Copilot Extension for their engineering organization. They want the extension to be available only to members of their GitHub organization and NOT listed on the public Copilot marketplace. Which publishing approach should they use?

  • A. Publish the extension publicly on the Copilot marketplace but set it to 'unlisted' to hide it from search
  • B. Keep the GitHub App's visibility set to private and install it only within their organization✓ Correct
  • C. Submit the extension for GitHub's marketplace review, then restrict access using repository permissions
  • D. Use a personal access token instead of a GitHub App so the extension does not appear in the marketplace
Explanation

For internal-only Copilot Extensions, you keep the underlying GitHub App set to private (not public) and install it only within your organization. Private GitHub Apps are not discoverable on the Copilot marketplace and are only accessible to organizations or users where the app is explicitly installed. Option A is incorrect because 'unlisted' is not a standard marketplace visibility option that fully prevents access—and any public app submission starts a review process that makes it potentially accessible beyond your org. Option C is incorrect because submitting for marketplace review makes the app a candidate for public listing, and repository permissions do not control GitHub App installation access in the way described. Option D is incorrect because personal access tokens are not used as the foundation for Copilot Extensions; a GitHub App is required, and using a PAT does not affect marketplace discoverability.

3. A Copilot agent extension backend receives an incoming request. The message payload includes a 'references' array alongside the messages array. Which of the following BEST describes what the 'references' field contains?

  • A. A list of GitHub API rate limit headers associated with the current session
  • B. Contextual information attached to the conversation, such as the current file, selected code, or repository details from the user's editor✓ Correct
  • C. The OAuth scopes granted to the GitHub App installation for this user
  • D. A list of previous Copilot Chat sessions that the user has had with this extension
Explanation

In the Copilot Chat protocol, the 'references' array carries structured contextual data that the client (e.g., VS Code or GitHub.com) attaches to the request. This includes editor context such as the currently open file, selected text, the active repository, pull request details, and similar information. Extensions use references to provide context-aware responses. Option A is incorrect because rate limit information is returned in HTTP response headers from the GitHub API, not embedded as a field in the Copilot message payload. Option C is incorrect because OAuth scopes are part of the token/installation metadata, not a per-message field in the chat protocol payload. Option D is incorrect because the references field is not a history of past sessions—conversation history is represented in the messages array, and past sessions are not automatically included.

4. You are developing a skillset Copilot Extension that exposes three functions: search_tickets, get_ticket_details, and create_ticket. When defining these functions for the skillset, which of the following pieces of information is REQUIRED in each function definition?

  • A. A natural-language description of what the function does, so Copilot can decide when to invoke it✓ Correct
  • B. The source code of the function implementation, embedded in the definition
  • C. A hardcoded list of example user prompts that should trigger the function
  • D. The GitHub username of the developer who owns the function
Explanation

In a skillset extension, each function definition must include a natural-language description (along with the function name and parameter schema). Copilot's AI model uses this description to determine which function to call based on the user's intent—without a clear description, Copilot cannot correctly route requests to the appropriate function. Option B is incorrect because function definitions are declarative metadata (name, description, parameters); the actual implementation code lives in your backend service, not in the definition payload. Option C is incorrect because skillset functions do not use hardcoded example prompts for routing—Copilot reasons about intent from the description and parameter schema dynamically. Option D is incorrect because function definitions have no concept of developer ownership metadata; authentication of the service is handled at the GitHub App level, not per-function.

5. While reviewing a Copilot agent extension implementation, you notice that the backend sends a response event of type 'copilot_confirmation' before performing a destructive database operation triggered by a user's request. What is the purpose of this response event type?

  • A. It signals to GitHub that the extension has successfully authenticated and is ready to process requests
  • B. It presents the user with a confirmation prompt in Copilot Chat, requiring explicit user approval before the action proceeds✓ Correct
  • C. It logs the pending operation to the GitHub audit log for compliance purposes
  • D. It pauses SSE streaming and waits for Copilot's AI model to re-evaluate the action's safety
Explanation

The 'copilot_confirmation' event type is a specialized SSE event in the Copilot Chat protocol that renders a confirmation UI (typically with Accept/Dismiss buttons) directly in the chat interface. The extension can then wait for the user's choice before executing potentially dangerous or irreversible operations. This is a best practice for destructive or high-impact actions. Option A is incorrect because authentication between the extension and GitHub is handled at the HTTP request level (signatures, tokens), not through SSE event types in the response stream. Option C is incorrect because copilot_confirmation has no direct integration with GitHub's audit log system—audit logging is a separate platform-level concern. Option D is incorrect because the AI model does not re-evaluate actions in response to this event; the confirmation prompt is shown to the human user, not sent back to the AI for safety analysis.

7 more questions in this domain

Practice the full bank with instant grading, flashcards, and a timed mock exam.

Start practicing free