GitHub Copilot CLI Best Practices
Copilot CLI is not a terminal shortcut tool. It is an AI coding partner in your terminal. It can understand code, propose approaches, write and modify code, run tests, and open PRs. The catch is you use it for coding, not for typing find.
Two Interfaces, Two Modes
- copilot is interactive, copilot -p "prompt" is for one-off tasks
- Default is Ask/Execute mode, Shift+Tab switches to Plan mode
- Plan mode shows the plan first, writes code only after you approve. Non-trivial work requires Plan.
Core Commands
/model switch model, /delegate hand off tasks, /experimental trigger Rubber Duck, /memory see its codebase memory, /mcp manage MCP servers, /compact compress context, /context view token usage.
Prompt: Intent, Not Commands
Don’t:
copilot -p "add auth"
Do:
copilot -p "add JWT bearer token auth to POST /api/users, following the pattern in POST /api/posts"
Good prompts have four elements: what, where, how, what not to do.
Plan Mode
Code is cheap to write, bad architecture is expensive to fix. Use Plan mode for anything non-trivial:
copilot
# Shift+Tab
# Enter your requirement, let it propose a plan, approve before it writes
Use cases: new components, database changes, API redesigns, multi-file changes. If the plan is wrong, kill it and ask again — cheaper than rewriting code.
Rubber Duck
Claude Sonnet + Rubber Duck (GPT-5.4) closes 74.7% of the gap between Sonnet and Opus. Most effective on problems spanning 3+ files and 70+ steps.
When it triggers: after plan drafting, after complex implementations, after writing tests before running, reactively when Copilot gets stuck.
Manual trigger:
copilot -p "/experimental review this implementation for race conditions"
/delegate
For well-scoped tasks, let it work autonomously:
copilot -p "/delegate write unit tests for the auth module, use patterns from tests/auth/"
It explores the codebase, creates a branch, writes code, runs tests, opens a draft PR. You review, not micromanage.
Good for: adding tests, implementing features following existing patterns, refactoring, boilerplate.
Memory
It remembers your codebase across sessions:
copilot -p "/memory"
Project structure, coding conventions, existing patterns — no need to re-explain every time. Ask “what does this module do” instead of digging through files yourself.
MCP Servers
Connect external tools to extend capabilities:
- gh MCP — richer GitHub context
- Filesystem MCP — precise file operations with awareness
- Custom MCPs — internal tools, databases
copilot -p "/mcp list"
Security
Copilot CLI can modify files and run commands. Different from IDE Copilot.
Permissions low to high:
| Option | Risk |
|---|---|
| Approve per command | Lowest |
| --allow-tool='shell(git)' --allow-tool='write' | Medium |
| --allow-all-tools | Highest |
Approved a tool for the session? Copilot won’t ask again. That includes rm -rf.
Rules:
- Launch only from trusted directories
- Add --deny-tool='shell(rm)' when using --allow-all-tools
- Review every request — not just the command, the intent behind it
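The first two rules can be checked before launch with a small shell wrapper. This is an added example, not code from Copilot CLI or from the original article: the function names, TRUSTED_ROOTS and DENY_SHELL are assumptions, the flags are the ones from the table above, and the deny rule is written in the same shell(...) form as the allow rule.

```bash
# Added example, not part of Copilot CLI. TRUSTED_ROOTS (colon-separated) and
# DENY_SHELL (space-separated command names) are assumed names and defaults.
TRUSTED_ROOTS="${TRUSTED_ROOTS:-$HOME/src}"
DENY_SHELL="${DENY_SHELL-rm}"

# Succeed only if $1, with symlinks resolved, is a trusted root or below one.
is_trusted_dir() {
  local dir root IFS
  dir=$(cd -P -- "$1" 2>/dev/null && pwd -P) || return 1
  IFS=:
  for root in $TRUSTED_ROOTS; do
    root=$(cd -P -- "$root" 2>/dev/null && pwd -P) || continue
    case "$dir/" in "$root"/*) return 0 ;; esac
  done
  return 1
}

# Print launch flags for a mode: ask (approve per command), scoped, or all.
# "all" is refused unless a deny rule exists, because a session-wide approval
# would otherwise cover destructive commands too.
guard_args() {
  local cmd
  case "$1" in
    ask) ;;
    scoped) printf '%s\n' "--allow-tool=shell(git)" "--allow-tool=write" ;;
    all)
      [ -n "$DENY_SHELL" ] || { echo "no deny rules; refusing 'all'" >&2; return 1; }
      printf '%s\n' "--allow-all-tools" ;;
    *) echo "unknown mode: $1" >&2; return 2 ;;
  esac
  for cmd in $DENY_SHELL; do printf '%s\n' "--deny-tool=shell($cmd)"; done
}

# Usage: copilot_guarded <ask|scoped|all> [copilot arguments...]
copilot_guarded() {
  local mode flags
  mode="${1:-ask}"
  [ "$#" -gt 0 ] && shift
  is_trusted_dir "$PWD" || { echo "untrusted directory: $PWD" >&2; return 1; }
  flags=$(guard_args "$mode") || return 1
  set -f                 # flags hold no whitespace; only globbing must be off
  set -- $flags "$@"
  set +f
  command copilot "$@"
}
```

A deny rule for rm is a narrow backstop: other commands can still delete files, so reviewing each request remains the main control.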
When rejecting, give feedback, not just “no”:
no, use the repository error handling pattern instead
Trust in Stages
By task complexity, not by destructiveness.
Stage 1: Understand code, answer questions, find code
Stage 2: Single-file changes (add validation, extract functions, reformat)
Stage 3: Multi-file changes with Plan mode
Stage 4: /delegate autonomous work
A Reference Workflow
copilot
# Shift+Tab → Plan mode
"add rate limiting to our REST API using existing Redis, follow the cache layer pattern"
# Review plan, ask for changes if needed, approve
# Watch implementation, request changes if something looks off
# Complex? /experimental review
# Satisfied?
/delegate write tests for this feature
Summary
- It is a coding partner, not a command generator
- Non-trivial work requires Plan mode
- Complex problems benefit from Rubber Duck
- Well-scoped tasks suit /delegate
- Security is your responsibility
Use it to accelerate implementation, not replace thinking.