Description
Summary
The GitHub Copilot CLI is prompting for authorization far too frequently during a single high‑level request, resulting in significant “authorization fatigue.” A single prompt such as:
PR 727 needs some work. Investigate and see why it's failing
produced more than a dozen consecutive approval prompts, interrupting the workflow repeatedly.
This greatly degrades usability and makes multi‑step analysis scenarios difficult to use in practice.
What’s happening
When Copilot CLI executes a high‑level task, it often chains together multiple tool invocations (e.g., GitHub API calls, log loading, local file reads, JSON parsing). For each of these internal steps, the CLI repeatedly asks for permission—sometimes multiple times in a row for the exact same file path or the same type of action.
In this scenario, the CLI:
- Retrieved PR metadata
- Checked CI status
- Loaded workflow run lists
- Retrieved workflow logs
- Loaded multiple large log blobs saved to the user’s temp directory
- Queried/tested multiple log patterns
- Checked test files under the repository
Each of these steps resulted in additional authorization dialogs. Over a dozen confirmations were required before the task finished.
Why this is a problem
- User friction: Excessive prompting interrupts flow and makes complex tasks painful.
- Redundant prompts: The CLI often asks for permission to read files it just wrote, or to perform the same type of action multiple times.
- Expected behavior: A single high‑level user action should not require constant re‑authorization, especially when the operations are clearly part of one cohesive workflow initiated by a single command.
Expected behavior
- The CLI should batch or scope authorization for the duration of a single high‑level request (e.g., “Analyze PR 727”).
- After the user approves the initial action, subsequent internal steps of that same chain should proceed without further prompts, unless:
  - a new permission category is needed, or
  - a clearly risky action is about to take place.
Actual behavior
- The CLI prompts repeatedly—sometimes every few seconds—to confirm routine file reads, tool invocations, or GitHub queries, even when they are:
  - safe
  - expected
  - part of the same chain
  - previously approved during the same command
Impact
This drastically reduces the usability of Copilot CLI for multi‑step reasoning tasks, PR analysis, or anything involving workflow logs or large outputs.
Suggested improvements
- Single approval per top-level request. Treat everything triggered by a single line of user input as one execution context.
- Permission caching. Cache permission acknowledgements for:
  - specific file paths or glob patterns
  - categories of actions (e.g., “read GitHub workflow logs”)
- Smarter grouping of tool invocations. Instead of prompting for each intermediate step, provide a single consolidated summary of what the CLI intends to do.
- User-configurable trust policies.
  - Per‑session trust
  - Per‑repo trust
  - Per‑action-category trust (e.g., allow all read‑only operations)
Environment
- GitHub Copilot CLI (latest version as of Jan 2026)
- Running on Windows (Temp directory prompts especially problematic)
- Repository: public GitHub repo (uBPF), but issue is general to all repos
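
The request-scoped permission cache suggested above, sketched as an added example; it is not part of the original issue and not Copilot CLI code. The category names, the `RequestScope` class, the `ask` callback and the sample tool calls are all hypothetical. It also covers the case a glob cache has to get right: a path is normalised before matching, so a `..` sequence cannot reuse an approval granted for a different directory.

```python
import fnmatch
import posixpath

# Hypothetical categories; risky ones are prompted every time and never cached.
RISKY = {"run_shell", "file_write"}

class RequestScope:
    """Approvals cached for one top-level request (assumed design)."""

    def __init__(self, ask):
        self.ask = ask        # ask(category, target) -> glob to cache, or None to deny
        self.grants = []      # (category, glob) pairs approved during this request
        self.prompts = 0

    def authorize(self, category, target):
        if category.startswith("file_"):
            # Normalise first so ".." cannot ride on a glob granted for another directory.
            target = posixpath.normpath(target.replace("\\", "/"))
        if category not in RISKY and any(
            cat == category and fnmatch.fnmatchcase(target, glob)
            for cat, glob in self.grants
        ):
            return True       # already approved in this request: no prompt
        self.prompts += 1
        glob = self.ask(category, target)
        if glob is None:
            return False
        if category not in RISKY:
            self.grants.append((category, glob))
        return True

def simulate():
    """Replay a constructed tool-call chain; return (decisions, prompt count)."""
    def ask(category, target):   # stand-in for the interactive prompt
        if ".ssh" in target:
            return None          # the user declines this one
        if category == "github_read":
            return "*"           # approve the whole category for this request
        return posixpath.dirname(target) + "/*"   # approve the containing directory

    calls = [   # constructed sample, loosely following the steps listed in the issue
        ("github_read", "pulls/727"),
        ("github_read", "actions/runs/1/logs"),
        ("file_read", r"C:\Temp\copilot\run1.log"),
        ("file_read", r"C:\Temp\copilot\run2.log"),
        ("file_read", r"C:\Temp\copilot\..\..\Users\me\.ssh\id_rsa"),
        ("file_read", "tests/test_a.py"),
        ("run_shell", "grep -c FAIL run1.log"),
        ("run_shell", "grep -c FAIL run2.log"),
    ]
    scope = RequestScope(ask)
    return [scope.authorize(c, t) for c, t in calls], scope.prompts
```

Eight tool calls produce six prompts here: one per new category or directory, one for the traversal path that falls outside the cached temp-directory glob, and one for each shell command.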