GitHub Copilot
by GitHub
AI code generation integrated with GitHub
Risk Score: 10/100 (Low) · 7+ incidents · Legal 26 · Safety 0 · Privacy 18 · Regulatory 0 · Security 0
Risk Score
Apr 27, 2026
Risk Score Breakdown
Legal Risk (court cases & lawsuits): 26/100
Safety Risk (incidents & harm events): 0/100
Privacy Risk (breaches & GDPR actions): 18/100
Regulatory Risk (FTC, EU enforcement): 0/100
Security Risk (CVEs & vulnerabilities): 0/100
Incident Timeline
7 total incidents · showing 5 most recent
Apr 2026
A malware campaign targeting Chinese-speaking users used trojanized SumatraPDF and GitHub infrastructure to deploy the AdaptixC2 agent and enable remote access via VS Code tunnels. Affected users are those who installed the trojanized software.
Apr 2026
Threat actors are exploiting security vulnerabilities in Microsoft Defender to gain elevated system privileges, and two of the reported flaws were still unpatched at the time of the report. Users and organizations running Microsoft Defender may be affected.
Apr 2026
OpenAI revoked its macOS app certificate after a GitHub Actions workflow inadvertently downloaded a malicious Axios library version in a supply-chain incident. No user data or internal systems were compromised.
Dec 2024
A Ninth Circuit federal appeals case (24-7700) involves GitHub Copilot and OpenAI, with groups including the App Association and the Electronic Frontier Foundation participating and raising concerns about the AI service. The outcome and specific claims are not described in the available details.
Oct 2024
A lawsuit (case 24-6136) is pending in the Ninth Circuit Court of Appeals involving OpenAI-related corporate entities. Limited public details are available on the allegations and current status.
Frequently Asked Questions
What is GitHub Copilot's AI risk score?
GitHub Copilot has an AI Risk Score of 10/100 (Low Risk). This score is calculated from 7+ documented public incidents across legal, safety, privacy, regulatory, and security categories.
Is GitHub Copilot safe to use?
GitHub Copilot by GitHub has a low risk profile based on public data. Organizations should review the full incident list and conduct their own due diligence. This score does not constitute legal advice.
Does GitHub Copilot have lawsuits?
Yes. Our public records show 2 court cases for GitHub Copilot, including: Court Case: Doe, et al. v. GitHub, Inc., et al.; Court Case: Doe, et al. v. GitHub, Inc., et al.
How is the AI Risk Score calculated?
Scores are weighted across 5 categories: Legal (25%), Safety (25%), Privacy (20%), Regulatory (15%), Security (15%). Each incident is scored by severity and type, then decayed based on age. Active lawsuits and fatal incidents do not decay.