Agent-Native Infrastructure Management via GitHub Copilot SDK
Give Copilot hands to manage your infrastructure. Ask questions in natural language, get real system data back. Built for the GitHub Copilot SDK Mini Hackathon.
An AI-powered control plane where GitHub Copilot acts as the reasoning engine, orchestrating real system operations through secure tool gateways.
Not a chatbot with AI features. An agent-native system where Copilot is the brain.
- "What's my system status?" โ Gets CPU, RAM, disk usage, uptime
- "Show me running processes" โ Lists processes with CPU/memory usage
- "Check disk space" โ Reports disk usage across partitions
- "What's my network status?" โ Shows interface stats and traffic
โโโโโโโโโโโโโโโโโโโ
โ Web Interface โ โ You interact here (browser/mobile)
โโโโโโโโโโฌโโโโโโโโโ
โ
โโโโโโโโโโผโโโโโโโโโ
โ Copilot Agent โ โ GitHub Copilot SDK (planning & reasoning)
โโโโโโโโโโฌโโโโโโโโโ
โ
โโโโโโโโโโผโโโโโโโโโ
โ Tool Gateway โ โ Security layer (permissions, validation, audit)
โโโโโโโโโโฌโโโโโโโโโ
โ
โโโโโโโโโโผโโโโโโโโโ
โ System Tools โ โ Your custom tools (API calls, DB queries, etc.)
โโโโโโโโโโโโโโโโโโโ
- Interface Layer: Pure UI - no logic, just displays results
- Agent Layer: Copilot SDK handles all reasoning and planning
- Gateway Layer: Security boundary with permission checks and audit logging
- Tool Layer: Small, deterministic operations (yours to customize!)
pip install github-copilot-sdk fastapi uvicorn psutil aiofiles sse-starlette aiohttpcp config.example.py config.pypython server.pyVisit http://localhost:8000 in your browser!
- Create a tool file (e.g.,
my_tools.py):
async def check_api_health(params: dict, context: dict) -> str:
"""Check if my API is healthy"""
import aiohttp
async with aiohttp.ClientSession() as session:
async with session.get("https://myapi.com/health") as resp:
if resp.status == 200:
return "โ
API is healthy!"
return f"โ API returned {resp.status}"- Register in
config.py:
from my_tools import check_api_health
TOOLS = [
check_api_health,
# ... other tools
]- Restart the server - Copilot now knows about your tool!
All tools must follow this signature:
async def tool_name(params: Dict[str, Any], context: Dict[str, Any]) -> str:
"""
Tool description - Copilot sees this!
Permission: READ or WRITE or ADMIN
Parameters:
param_name (type): Description
"""
# Your code here
return "Result string that Copilot will see"Every tool call goes through the security gateway which:
- โ Validates permissions (READ/WRITE/ADMIN)
- โ Checks input schemas
- โ Logs all executions
- โ Handles errors gracefully
All tool executions are logged to ~/.copilot-ops/logs/audit_YYYYMMDD.jsonl:
{
"timestamp": "2026-01-25T07:00:00.123456",
"tool_name": "get_system_info",
"params": {},
"success": true,
"duration_ms": 45.2,
"output": "๐ฅ๏ธ System Status..."
}sysadmin-copilot/
โโโ server.py # FastAPI web server
โโโ copilot_agent.py # Copilot SDK integration
โโโ tool_gateway.py # Security layer
โโโ system_tools.py # Example system monitoring tools
โโโ config.example.py # Configuration template
โโโ config.py # Your config (gitignored)
โโโ .internal/ # Your private tools (gitignored)
โโโ README.md # This file
โโโ REDDIT_POST.md # Hackathon submission details
"Restart the nginx service"
"Check if port 8080 is open"
"Show me the last 50 lines of error logs"
"How many users are in the database?"
"Show me slow queries from today"
"Check database connection pool status"
"Which servers have high CPU?"
"Show me Docker containers that are down"
"Check GPU utilization across the fleet"
"Get the status of my microservices"
"Check if the payment API is responding"
"Show me today's API error rate"
"What's my system doing?"
The SDK analyzes your question and decides which tools to use:
get_system_info- get CPU/RAM/disklist_processes- show running processes
Gateway validates permissions and runs the tools.
SDK combines results into a human-readable response:
"Your system is running well! CPU at 23%, 16GB RAM used (42%), disk 65% full. Top processes: Chrome (8%), Python (3%), Docker (2%)..."
Control what Copilot can do by setting tool permissions:
from tool_gateway import ToolPermission
# Read-only (safe)
permission=ToolPermission.READ
# Can modify data (use carefully)
permission=ToolPermission.WRITE
# System administration (dangerous!)
permission=ToolPermission.ADMINThe server uses Server-Sent Events (SSE) for real-time streaming. Copilot's thinking appears as it happens!
Copilot can chain multiple tools to answer complex questions. It handles this automatically based on your tool descriptions.
- GitHub Copilot SDK (v0.1.18) - Agent framework
- FastAPI - Async web framework
- Python 3.11+ - Async/await throughout
- psutil - System monitoring
- aiohttp - Async HTTP client
[Video coming soon - will show natural language queries, real-time monitoring, and multi-tool reasoning]
- Voice interface integration
- Proactive monitoring (agent alerts you)
- Write operations with confirmation prompts
- Multi-agent orchestration
- Mobile app with push notifications
- Docker deployment
This started as a hackathon project but there's so much potential! Ideas welcome:
- More example tools
- Better error handling
- UI improvements
- Documentation
MIT License - see LICENSE file
Built for the GitHub Copilot SDK Mini Hackathon. Thanks to the Copilot team for an amazing SDK!
Special thanks to the community for inspiration and support.
Q: Is this safe to use?
A: Yes, with proper permissions! Start with READ-only tools. Add WRITE/ADMIN tools carefully and review audit logs.
Q: Can I use this in production?
A: It's hackathon-quality code, but the architecture is solid. Add authentication, rate limiting, and hardening for production.
Q: Does it work on Windows/Mac/Linux?
A: Yes! System tools use cross-platform libraries (psutil).
Q: Can I connect to external APIs?
A: Absolutely! Write async functions that call any API, database, or service.
Q: How do I secure this?
A: Use Tailscale for network security, implement authentication, review tool permissions, monitor audit logs.
Questions? Open an issue or reach out! ๐