← Back
GitHub
GitHub Enterprise AI Controls reach general availability with agent governance suite
GitHub CopilotGitHub · releasefeatureapiplatform · github.blog ↗

Enterprise AI Controls Now GA

GitHub has announced general availability of Enterprise AI Controls and the agent control plane, a comprehensive suite of enterprise governance features designed to help administrators maintain oversight and security around AI agent usage across their environments. This release moves beyond preview capabilities to deliver production-ready tools for managing AI systems at scale.

Key Administrator Capabilities

The release delivers several core governance features:

  • Dedicated AI Administration Role: A new enterprise custom role enables fine-grained delegation of AI governance responsibilities, allowing designated administrators to view audit logs, manage agent sessions, and configure enterprise policies without broad system access.

  • Complete Agent Activity Visibility: Full audit logging with actor identifiers distinguishes agent-initiated actions from user actions, while new agent_session.task events capture when sessions start, finish, or fail. Cloud agent session activity now displays all sessions from the last 24 hours (previously limited to 1,000 records) with filterable search by specific agents and organization-level usage tracking.

  • Custom Agent Governance: Administrators can now set and version-control enterprise standards for custom agents through centralized definitions, with one-click push rules to protect the .github/agents/*.md path across the enterprise.

New Capabilities in GA Release

Beyond the preview features, the GA release includes:

  • Programmatic Policy Management: New REST APIs enable administrators to programmatically apply enterprise-wide custom agent definitions from canonical repositories (.github-private/agents/*.md), allowing infrastructure-as-code approaches to agent governance.

  • Unified AI Controls Interface: The AI Controls tab in enterprise settings is now the permanent home for all AI-related policies and settings. The previous separate Copilot policies page has been deprecated and removed.

  • MCP Registry Management: Administrators can manage enterprise-wide Model Context Protocol (MCP) allowlists through a centralized registry URL (MCP allowlists themselves remain in public preview).

Looking Forward

GitHub plans to expand session activity coverage to VS Code and Copilot CLI clients, add programmatic access to agent activity data, increase policy granularity with extended API coverage, and deliver more comprehensive MCP governance options. Enterprise teams can reference the full documentation on AI controls and the agent control plane.