Share feedback
Answers are generated based on the documentation.

Copilot sandbox

Table of contents
Availability: Experimental
Requires: Docker Desktop 4.58 or later

This guide covers authentication, configuration, and usage of GitHub Copilot in a sandboxed environment.

Official documentation: GitHub Copilot CLI

Quick start

Create a sandbox and run Copilot for a project directory:

$ docker sandbox run copilot ~/my-project

The workspace parameter is optional and defaults to the current directory:

$ cd ~/my-project
$ docker sandbox run copilot

Authentication

Copilot requires a GitHub token with Copilot access. Credentials are scoped per sandbox and must be provided through environment variables on the host.

Set the GH_TOKEN or GITHUB_TOKEN environment variable in your shell configuration file.

Docker Sandboxes use a daemon process that doesn't inherit environment variables from your current shell session. To make your token available to sandboxes, set it globally in your shell configuration file.

Add the token to your shell configuration file:

~/.bashrc or ~/.zshrc
export GH_TOKEN=ghp_xxxxx

Or use GITHUB_TOKEN:

~/.bashrc or ~/.zshrc
export GITHUB_TOKEN=ghp_xxxxx

Apply the changes:

  1. Source your shell configuration: source ~/.bashrc (or ~/.zshrc)
  2. Restart Docker Desktop so the daemon picks up the new environment variable
  3. Create and run your sandbox:
$ docker sandbox create copilot ~/project
$ docker sandbox run <sandbox-name>

The sandbox detects the environment variable and uses it automatically.

Configuration

Copilot can be configured to trust specific folders, disabling safety prompts for those locations. Configure trusted folders in ~/.copilot/config.json:

{
  "trusted_folders": ["/workspace", "/home/agent/projects"]
}

Workspaces are mounted at /workspace by default, so trusting this path allows Copilot to operate without repeated confirmations.

Pass options at runtime

Pass Copilot CLI options after the sandbox name and a -- separator:

$ docker sandbox run <sandbox-name> -- --yolo

The --yolo flag disables approval prompts for a single session without modifying the configuration file.

Base image

Template: docker/sandbox-templates:copilot

Copilot launches with --yolo by default when trusted folders are configured.

See Custom templates to build your own agent images.