Effloow Lab OpenAI API Run: github-agent-tasks-rest-api-automation-poc-2026

• Date: 2026-06-10T00:31:49.594716+00:00
• Model: gpt-5.5-2026-04-23
• Purpose: api-backed review of a safe dry-run launcher design for GitHub Agent Tasks REST API
• Request ID: req_592b5df2393b49f7966f6c50feb60b97
• Usage: {"input_tokens": 379, "input_tokens_details": {"cached_tokens": 0}, "output_tokens": 1000, "output_tokens_details": {"reasoning_tokens": 516}, "total_tokens": 1379}
• Prompt SHA-256: d5a6d2b203273ef1952be9def22036bbf5c376f2b529c7d0f7a179e4b607dee2
• Safety boundary: no confidential, customer, credential, or private data should be included in this run.

Prompt Excerpt

You are reviewing a proposed internal developer portal launcher for GitHub Agent Tasks REST API. Use only this source-derived context: GitHub docs say the latest REST API version is 2026-03-10; Agent task endpoints are in public preview; start task uses POST /agents/repos/{owner}/{repo}/tasks with prompt required, optional model, create_pull_request default false, base_ref, and head_ref; fine-grained GitHub App user access tokens and fine-grained PATs can be used; GitHub App installation tokens are not supported; the start endpoint requires Agent tasks repository permission read and write; task states include queued, in_progress, completed, failed, idle, waiting_for_user, timed_out, cancelled; GitHub changelog on 2026-06-04 says Pro, Pro+, and Max users can start and track tasks; docs also state start task is only available to users with Copilot Business or Copilot Enterprise subscription, so plan availability appears documentation-sensitive and must be verified per account; Copilot cloud agent works in an ephemeral GitHub Actions-powered environment, can work in one repository and one branch at a time, can open exactly one PR, and has a 59 minute max session; repository custom instructions and AGENTS.md can guide agents; MCP secrets for Copilot must use COPILOT_MCP_ prefix. Task: produce a concise risk review for a dry-run-only launcher. Return sections: Required preflight checks, JSON payload guardrails, audit log fields, when to set create_pull_request=false, and limitations. Do not invent pricing, success rates, benchmarks, or live API responses.

Output

## Required preflight checks

**Verified from provided context**
- Confirm REST API version is set to **2026-03-10**, the latest documented version.
- Treat Agent task endpoints as **public preview** and documentation-sensitive.
- Confirm auth token type is supported:
  - Allowed: **fine-grained GitHub App user access tokens** and **fine-grained PATs**.
  - Not supported: **GitHub App installation tokens**.
- Confirm repository permission: **Agent tasks repository permission: read and write**.
- Verify account eligibility before enabling launch:
  - Changelog says **Pro, Pro+, and Max** users can start and track tasks.
  - Docs also state start task is available only to users with **Copilot Business or Copilot Enterprise**.
  - Therefore availability must be verified per account before relying on the launcher.
- Confirm target scope:
  - One repository.
  - One branch at a time.
  - At most one PR can be opened by the cloud agent.
  - Max session is **59 minutes**.
- Confirm repository guidance files are understood:
  - Repository custom instructions and `AGENTS.md` may guide the agent.
- Confirm Copilot MCP secrets, if referenced, follow the required prefix:
  - `COPILOT_MCP_`.

**Dry-run assumption**
- For a true dry-run-only launcher, the safest preflight rule is: **do not send `POST /agents/repos/{owner}/{repo}/tasks`**. Construct and validate the request only.

---

## JSON payload guardrails

**Allowed request shape from provided context**
` ` `json
{
  "prompt": "required",
  "model": "optional",
  "create_pull_request": false,
  "base_ref": "optional",
  "head_ref": "optional"
}
` ` `

Guardrails:
- Require a non-empty `prompt`.
- Do not include unsupported or experimental fields beyond the documented payload fields.
- Default `create_pull_request` to `false`.
- Require explicit user confirmation before ever allowing `create_pull_request: true`; for dry-run-only mode, block it.
- Treat `model` as optional; do not invent or assume valid model names without current documentation/account verification.
- Validate that `base_ref` and `head_ref`, if supplied, match the intended repository and branch workflow.
- Do not

Limitations

This API run is a bounded lab check. It is not a production benchmark, user study, or proof that an external product works in a real customer environment.

Source Research Notes

• GitHub Changelog, 2026-06-04: Agent tasks REST API available in public preview for Copilot Pro, Pro+, and Max users; the API can start and track Copilot cloud agent tasks.
• GitHub REST API docs, API version 2026-03-10: GET /agents/repos/{owner}/{repo}/tasks, POST /agents/repos/{owner}/{repo}/tasks, GET /agents/repos/{owner}/{repo}/tasks/{task_id}, account-level list/get endpoints, task state filters, token types, and status codes.
• GitHub REST API docs for starting a task: prompt is required; model, create_pull_request, base_ref, and head_ref are documented request fields; the endpoint is public preview and currently says it is available to Copilot Business or Copilot Enterprise users.
• GitHub Copilot cloud agent docs: the agent works in GitHub's environment, is scoped to one repository and one branch per task, can open exactly one pull request per task, and has a 59 minute maximum session.
• GitHub custom-instructions docs: repository-wide instructions, path-specific instructions, and AGENTS.md can guide Copilot work; path-specific custom instructions are currently supported on GitHub.com for Copilot cloud agent and Copilot code review.
• GitHub MCP and cloud-agent docs: MCP extends Copilot with external systems; Copilot MCP secrets and variables must use the COPILOT_MCP_ prefix when passed to MCP servers.

Command Notes

The completed JSON artifact was produced with:

python3 scripts/openai-lab-run.py \
  --slug github-agent-tasks-rest-api-automation-poc-2026 \
  --purpose "api-backed review of a safe dry-run launcher design for GitHub Agent Tasks REST API" \
  --max-output-tokens 1800 \
  --append-note \
  --prompt "[source-derived dry-run launcher risk-review prompt]"

An earlier run used the same safe prompt with --max-output-tokens 1000; it saved correctly but returned response_status: "incomplete". The completed artifact at data/lab-runs/github-agent-tasks-rest-api-automation-poc-2026.openai.json overwrote the JSON file with response_status: "completed".

What Was Not Run

• No GitHub token was used.
• No request was sent to POST /agents/repos/{owner}/{repo}/tasks.
• No live Copilot cloud agent task was started.
• No pull request, branch, repository, MCP server, or GitHub Actions runner was created.
• No pricing, usage limit, success-rate, or benchmark claim was measured.

Effloow Lab OpenAI API Run: github-agent-tasks-rest-api-automation-poc-2026

• Date: 2026-06-10T00:32:30.625713+00:00
• Model: gpt-5.5-2026-04-23
• Purpose: api-backed review of a safe dry-run launcher design for GitHub Agent Tasks REST API
• Request ID: req_94260fc41db74fb9aa9f6f3a7f887fef
• Usage: {"input_tokens": 379, "input_tokens_details": {"cached_tokens": 0}, "output_tokens": 1461, "output_tokens_details": {"reasoning_tokens": 516}, "total_tokens": 1840}
• Prompt SHA-256: d5a6d2b203273ef1952be9def22036bbf5c376f2b529c7d0f7a179e4b607dee2
• Safety boundary: no confidential, customer, credential, or private data should be included in this run.

Prompt Excerpt

You are reviewing a proposed internal developer portal launcher for GitHub Agent Tasks REST API. Use only this source-derived context: GitHub docs say the latest REST API version is 2026-03-10; Agent task endpoints are in public preview; start task uses POST /agents/repos/{owner}/{repo}/tasks with prompt required, optional model, create_pull_request default false, base_ref, and head_ref; fine-grained GitHub App user access tokens and fine-grained PATs can be used; GitHub App installation tokens are not supported; the start endpoint requires Agent tasks repository permission read and write; task states include queued, in_progress, completed, failed, idle, waiting_for_user, timed_out, cancelled; GitHub changelog on 2026-06-04 says Pro, Pro+, and Max users can start and track tasks; docs also state start task is only available to users with Copilot Business or Copilot Enterprise subscription, so plan availability appears documentation-sensitive and must be verified per account; Copilot cloud agent works in an ephemeral GitHub Actions-powered environment, can work in one repository and one branch at a time, can open exactly one PR, and has a 59 minute max session; repository custom instructions and AGENTS.md can guide agents; MCP secrets for Copilot must use COPILOT_MCP_ prefix. Task: produce a concise risk review for a dry-run-only launcher. Return sections: Required preflight checks, JSON payload guardrails, audit log fields, when to set create_pull_request=false, and limitations. Do not invent pricing, success rates, benchmarks, or live API responses.

Output

## Required preflight checks

- Confirm this is a **dry-run only** flow: do not send `POST /agents/repos/{owner}/{repo}/tasks`.
- Use REST API version **2026-03-10**, per the provided source context.
- Confirm the endpoint is treated as **public preview** and subject to change.
- Verify the caller uses a supported token type:
  - Supported: **fine-grained GitHub App user access token** or **fine-grained PAT**.
  - Not supported: **GitHub App installation token**.
- Verify required repository permission: **Agent tasks repository permission: read and write**.
- Verify account/product eligibility before enabling real launch:
  - Source context says a 2026-06-04 changelog mentions **Pro, Pro+, and Max** users can start and track tasks.
  - Docs also say start task is only available to users with **Copilot Business or Copilot Enterprise**.
  - Treat availability as **documentation-sensitive** and verify per account.
- Confirm target repository and branch are appropriate because the cloud agent can work in **one repository and one branch at a time**.
- Check for repository guidance files such as custom instructions and `AGENTS.md`.
- If MCP secrets are referenced, verify Copilot MCP secret names use the required `COPILOT_MCP_` prefix.

## JSON payload guardrails

- Required field:
  - `prompt`: must be present and intentional; dry-run UI should show exactly what would be submitted.
- Optional fields:
  - `model`
  - `create_pull_request`
  - `base_ref`
  - `head_ref`
- For dry-run-only mode:
  - Force or default `create_pull_request` to `false`.
  - Do not submit the payload to GitHub.
- Reject unknown or unreviewed fields to avoid accidental API behavior.
- Validate that `owner` and `repo` are path parameters, not payload fields.
- Do not include tokens, MCP secrets, or other credentials in the JSON payload or preview output.
- If `base_ref` or `head_ref` are supplied, display them prominently because the agent works on one branch at a time.

## Audit log fields

Record only dry-run metadata and intended request details:

- Timestamp.
- Actor/user initiating the dry run.
- Target `owner` and `repo`.
- Intended REST API version: `2026-03-10`.
- Intended endpoint: `POST /agents/repos/{owner}/{repo}/tasks`.
- Token type category, without storing the token value.
- Permission preflight result for **Agent tasks: read/write**.
- Account/product eligibility check result, including whether it was verified or unresolved.
- Payload preview:
  - `prompt` hash or redacted summary, depending on internal policy.
  - `model`, if provided.
  - `create_pull_request`.
  - `base_ref`, if provided.
  - `head_ref`, if provided.
- Dry-run enforcement result: confirm no API start call was sent.
- MCP secret prefix validation result, if applicable.
- Repository instruction sources detected or declared, such as custom instructions or `AGENTS.md`.
- Reviewer/approver, if the portal requires approval before any future real launch.

## When to set `create_pull_request=false`

For this dry-run-only launcher, always set or leave `create_pull_request=false`.

Also prefer `false` when:

- The request is only being previewed or validated.
- The prompt, branch, repository, or account eligibility has not been reviewed.
- The user only wants to estimate what would be sent to the API.
- The branch strategy is not confirmed.
- Human review is required before allowing the agent to open its one possible PR.

## Limitations

- Agent task endpoints are in **public preview**.
- Plan availability is not fully settled from the supplied context and must be verified per account.
- GitHub App installation tokens are not supported for the start endpoint.
- The start endpoint requires **Agent tasks repository permission: read and write**.
- The cloud agent works in an ephemeral GitHub Actions-powered environment.
- The agent can work in **one repository** and **one branch** at a time.
- The agent can open **exactly one PR**.
- Maximum session length is **59 minutes**.
- Known task
...[truncated]

Limitations

This API run is a bounded lab check. It is not a production benchmark, user study, or proof that an external product works in a real customer environment.