Feature Request: Per-Tool Permission Settings for Copilot CLI

[mchades]

Summary:
Currently, GitHub Copilot CLI requires explicit approval for each tool usage, or allows all tools globally with /allow-all. I'd like to request a feature to set persistent approval for specific tools individually.

Use Case:
In my workflow, I frequently use certain tools (e.g., read, find, sed) repeatedly throughout the session. Having to approve each tool invocation adds friction and slows down development. While I appreciate the security safeguard, a granular permission model would improve the developer experience.

Proposed Solution:
Add a command or configuration to permanently allow specific tools while keeping others in "ask-per-use" mode, such as:

• /allow-tool <tool-name> - Add a tool to the allowed list
• /deny-tool <tool-name> - Remove a tool from the allowed list
• /list-allowed-tools - View currently allowed tools

This would give developers finer-grained control over automation while maintaining security boundaries.

Alternative Consideration:
Could also be implemented via a configuration file (e.g., ~/.copilot/tool-permissions.json) to persist settings across sessions.

[yionis01]

yes please! so tedious to reapprove every time . i want the read only tools to be allowed persistently but i don't want to allow all, that is too broad.