GitHub Copilot Silently Adds Itself as Co-Author to Commits, Raising Accountability Concerns

Summary

A developer reported a serious issue with GitHub Copilot's commit message generation: the tool is silently inserting 'Co-authored-by: Copilot [email protected]' into Git commit history even after the user manually replaces the AI-generated message with their own. The user discovered this discrepancy when reviewing their Git history before deploying to a test environment, revealing that the commit message shown during the commit process did not match the final message recorded in Git history.

The reported behavior is especially problematic because it occurs inconsistently, making it behave like a 'hidden trap,' and because it undermines the integrity of commit metadata used for code review, deployment decisions, and audit trails. Since Copilot only generated the commit message suggestion and did not author the code, the co-author attribution is factually inaccurate. The user emphasized this is a product safety and trust issue, not a cosmetic problem, and called for critical changes: making co-author attribution strictly opt-in, providing settings to permanently disable the feature, ensuring commit messages shown to users exactly match what gets written to Git, and clearly documenting when and why Copilot may add metadata.

Filed as feedback to GitHub's product team on April 27, 2026, the issue has garnered significant community support. This incident highlights broader concerns about AI tool transparency and the importance of user control over how AI contributions are attributed in professional development workflows.

• The user advocates for opt-in co-author attribution by default and full user visibility and control over any metadata changes by Copilot