Copilot sees your code. AxSentinel makes sure it doesn't see your secrets.
GitHub Copilot sends surrounding code context to GitHub's AI models for completions and chat. If your open files contain hardcoded API keys, database credentials, or customer data, Copilot may include them in its context window. GitHub's Copilot for Business offers some data protections, but the context still leaves your machine.
Route Copilot's traffic through the AxSentinel proxy using system-level HTTP proxy settings. Every request is scanned before it reaches GitHub's servers. This works alongside Copilot for Business — AxSentinel adds a local scanning layer that catches secrets before they ever leave your network.
Run the proxy on port 8990.
~/.axsentinel/sentinel --proxy --port 8990Copilot doesn't support custom API endpoints, so you need to use system-level proxy settings. Add these to your shell profile.
export HTTP_PROXY=http://localhost:8990
export HTTPS_PROXY=http://localhost:8990Open VS Code, trigger a Copilot completion, and check the proxy terminal for scanning activity.
Works with Copilot's existing infrastructure — no GitHub configuration changes needed.
Copilot for Business handles server-side retention. AxSentinel handles client-side scanning before data leaves your machine.
Both inline completions and Copilot Chat requests are intercepted and scanned.
Each developer can choose block, redact, or prompt mode independently.
Free tier includes regex scanning for unlimited developers. Pro adds ML-powered detection and the compliance dashboard.