GitHub Copilot Is Injecting Ads Into Pull Requests
GitHub Copilot inserts promotional tips for itself and Raycast into PR descriptions, with over 11,000 affected pull requests found across GitHub and GitLab.
5 min read
A developer asked GitHub Copilot to fix a typo in a pull request. Copilot fixed the typo, then edited the PR description to include an advertisement for itself and Raycast. The same promotional text has been found in over 11,000 pull requests across GitHub, with identical messages appearing in merge requests on GitLab.
TL;DR
- GitHub Copilot inserted a promotional "tip" for Copilot and Raycast into a developer's PR description while fixing a typo
- Over 11,000 pull requests on GitHub contain the same injected text, plus additional instances on GitLab
- The mechanism uses a hidden HTML comment tagged
START COPILOT CODING AGENT TIPSto inject the message - GitHub's Copilot team acknowledged the issue and disabled the tips, calling it "the wrong judgement call"
What Happened
Melbourne-based developer Zach Manson reported on March 30, 2026 that a team member used GitHub Copilot to correct a typo in his pull request. The fix went through. But Copilot didn't stop there. It also rewrote the PR description to include promotional content that wasn't in the original.
The injected text read:
"Quickly spin up Copilot coding agent tasks from anywhere on your macOS or Windows machine with Raycast."
Manson's reaction was blunt: "This is horrific. I knew this kind of bullshit would happen eventually, but I didn't expect it so soon."
The PR description after Copilot's edit, showing the promotional Raycast tip appended to the developer's original text.
Source: notes.zachmanson.com
How the Injection Works
The promotional content isn't random hallucination. In the raw markdown of affected pull requests, there's a hidden HTML comment labeled START COPILOT CODING AGENT TIPS placed directly before the promotional text. That structure suggests this is a templated injection, not a model creating ad copy on its own.
GitHub launched a Raycast extension for Copilot coding agent in August 2025, and expanded the integration in March 2026. The "tip" in affected PRs promotes exactly this integration. Whether Microsoft or Raycast is the source of the injection is unclear, but the hidden comment tag points toward Copilot's own templating system rather than Raycast's extension.
The Scale
Searching GitHub for the exact phrase that appeared in Manson's PR returns over 11,000 matching pull requests across thousands of repositories. The text isn't limited to GitHub either - identical promotional messages have surfaced in merge requests on GitLab, which suggests the injection happens at the Copilot model or API layer, not at the GitHub platform level.
That's 11,000 developer workflow artifacts contaminated with promotional content that nobody asked for.
GitHub's Response
A member of GitHub's Copilot team, identified as timrogers on Hacker News, responded to the backlash:
"We've now disabled these tips in pull requests created by or touched by Copilot."
The team member conceded it was "the wrong judgement call." The framing is worth noting: GitHub considers these "tips," not ads. From Microsoft's perspective, recommending their own Raycast integration inside a PR description is helpful guidance. From the developer who opened that PR, it's an AI tool rewriting their work product to include marketing copy.
The Hacker News thread drew sizable attention, with community sentiment running sharply negative. Commenters drew comparisons to Windows' ad-laden experience and expressed skepticism that Microsoft would meaningfully change course. Multiple users discussed migrating to alternatives like Codeberg, Forgejo, and self-hosted Git infrastructure.
The Enshittification Pattern
Manson invoked Cory Doctorow's enshittification thesis in his post, and the framing fits. Doctorow coined the term in 2022 to describe a three-stage pattern of platform decay:
- Platforms start by being good to their users to attract them
- They then abuse their users to serve business customers better
- Finally, they abuse those business customers to extract all remaining value for themselves
GitHub Copilot launched in 2022 as a truly useful coding assistant that helped developers write code faster. It now costs $19/month for individuals and $39/user/month for enterprises. And somewhere along the way, it started injecting promotional content into the artifacts developers create with it.
The pattern isn't unique to Copilot. Microsoft has progressively added ads and promotional surfaces to Windows, Edge, and Outlook over the past several years. One Hacker News commenter summarized the broader trend: "Microslop for a while now seems to be testing exactly how much you can abuse the user before they move somewhere else."
Why This Matters
This incident touches two problems that should concern any engineering team relying on AI coding tools.
Trust in AI-generated output. When a developer invokes Copilot to fix a typo, they expect it to fix the typo. They don't expect it to modify other parts of the PR description. If an AI tool can silently insert promotional content, it can silently insert anything. Code review processes assume that the diff shows all changes. Hidden HTML comments and injected text break that assumption.
Integrity of developer workflow artifacts. Pull request descriptions are documentation. They explain what changed, why it changed, and what reviewers should look for. Injecting marketing copy into that documentation degrades its value and pollutes the project's history. For teams running compliance audits or maintaining changelogs from PR descriptions, this is more than an annoyance.
The GitHub Copilot training data controversy already eroded trust between GitHub and its user base. This ad injection incident, even if small in isolation, reinforces a pattern: the platform is willing to use developer workflows as a distribution channel for its own products.
The "tips" are disabled for now. GitHub said so. But the infrastructure to inject templated promotional content into Copilot-produced output exists, works at scale across platforms, and was launched to production. The alternatives keep getting better, and developers have a lower tolerance for this kind of thing than most user populations. Microsoft should know that by now.
Sources:
- Copilot Edited an Ad Into My PR - Zach Manson
- Copilot edited an ad into my PR - Hacker News Discussion
- Microsoft's AI slop is infecting GitHub - Copilot is now injecting ads into pull requests - Windows Central
- Microsoft Copilot is now injecting ads into pull requests on GitHub, GitLab - Neowin
- Enshittification - Wikipedia
- Start and track Copilot coding agent tasks from Raycast - GitHub Changelog
- Monitor Copilot coding agent logs live in Raycast - GitHub Changelog
