cd /news/ai-tools/security-reviews-now-available-in-th… · home topics ai-tools article
[ARTICLE · art-58899] src=github.blog ↗ pub= topic=ai-tools verified=true sentiment=↑ positive

Security reviews now available in the GitHub Copilot app

GitHub released a public preview of the /security-review slash command in the GitHub Copilot app, enabling developers to run AI-driven vulnerability scans on in-flight code changes directly from their coding environment. The tool detects high-impact flaws such as injection attacks and cross-site scripting, and is available to Copilot Free, Pro, Business, and Enterprise users.

read1 min views1 publishedJul 14, 2026
Security reviews now available in the GitHub Copilot app
Image: GitHub Changelog

You can now run a security review on your in-flight code changes directly from the GitHub Copilot app. The /security-review

slash command is shipping in public preview, bringing the same AI-driven vulnerability scanning already available in Copilot CLI into your everyday coding workflow.

What it does /security-review

analyses your current workstream changes and returns:

  • High-confidence security findings, scored by severity and confidence.
  • Actionable suggestions you can apply and reverify without leaving Copilot.
  • A focused, prioritised view so you can fix the issues that matter before code lands.

The scan is tuned to catch common, high-impact vulnerability classes such as injection flaws, cross-site scripting, insecure data handling, path traversal and weak cryptography.

Why it matters The /security-review

command gives you a way to catch issues while you’re still working without leaving your coding environment. It complements GitHub code scanning, Dependabot, and secret scanning by giving you a lightweight, on-demand check on your local changes.

How to try it Open a project in the Copilot app, make your code changes, and run /security-review

to scan those changes. The command is available to Copilot Free, Pro, Business, and Enterprise users during public preview.

Join the discussion and share your feedback in the GitHub Community.

── more in #ai-tools 4 stories · sorted by recency
── more on @github 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/security-reviews-now…] indexed:0 read:1min 2026-07-14 ·