AI Agents in Every IDE: The Complete Guide for Dev, DevOps & Architects

⚡ What this guide saves you

Instead of Googling each of these, ask your AI agent inside your IDE:

“My Kubernetes pod keeps OOMKilling — what’s wrong and how do I fix it?”
“This GitHub Actions pipeline failed at the Terraform apply step. Here’s the log. What happened?”
“Write a Helm chart for my FastAPI service with readiness probes, HPA, and resource limits.”
“My Azure SQL connection is timing out from the app. Walk me through diagnosing this.”
“Review this Dockerfile for security issues and optimize the build layers.”
“Generate an ADR for choosing Azure Service Bus over Event Grid for this use case.”

💻

Software Developer

Write, debug, test, and refactor code faster. Get explanations instead of Stack Overflow tabs.

🚀

DevOps Engineer

Build pipelines, troubleshoot deployments, manage IaC, and triage incidents without leaving the terminal.

🏛️

Cloud Architect

Design, review, document, and validate architecture decisions with a model that knows your codebase.

The productivity shift from AI tools is real — but only when they are wired into your actual working environment, not used as a separate browser tab. This guide covers every major IDE, every major AI tool, and gives you exact prompts you can use today for real problems: production incidents, failed deployments, security reviews, and complex builds.

IDEs covered with specific setup instructions

15+

real scenario prompts across all three personas

new browser tabs needed for common engineering problems

🗺️

Section 1 — The AI Tool Matrix: What Works Where

Which tools integrate with which IDE and what they actually do

Before installing anything, understand the landscape. Not every tool works in every IDE, and they serve different purposes.

AI Tool	VS Code	JetBrains	Visual Studio	Eclipse	Neovim	Best For
GitHub Copilot	Native	Plugin	Extension	Partial	Plugin	Inline completions, chat, agent mode, model switching
Claude (via Copilot)	Model picker	Model picker	Model picker	Not yet	Not yet	Long-context reasoning, architecture reviews, ADRs
Cursor	Fork of VS Code	No	No	No	No	Deep multi-file edits, prototyping, Composer mode
Amazon Q Developer	Extension	Plugin	No	Plugin	No	AWS CDK, CloudFormation, Lambda, Java/Python heavy stacks
Gemini Code Assist	Extension	Plugin	No	No	No	GCP IaC, BigQuery, GKE, multi-cloud teams
Continue.dev	Extension	Plugin	No	No	Plugin	Open source, bring-your-own-model (Ollama, Azure AI, Bedrock)
Codeium / Windsurf	Extension	Plugin	Extension	Plugin	Plugin	Free tier, broadest IDE coverage, good for restricted environments

🔧 Recommendation by team type

Azure / Microsoft shop: GitHub Copilot Enterprise — lives in the Microsoft trust boundary, Defender for DevOps integration, org-level policy
AWS-heavy / Java teams: Amazon Q Developer — best CDK and Java understanding, Eclipse support for enterprise Java
Air-gapped / regulated: Continue.dev with a locally deployed Ollama model or Azure AI Foundry private endpoint — no data leaves your network
Greenfield / fast prototyping: Cursor — deepest multi-file edit capability and native MCP support
Multi-cloud / heterogeneous: GitHub Copilot for primary, Gemini Code Assist for GCP-specific resources

⚙️

Section 2 — IDE Setup: Step-by-Step for Every Editor

Exact install steps for each IDE — pick yours

Install GitHub Copilot + Copilot Chat

Ctrl/Cmd+Shift+X → search “GitHub Copilot” → install both extensions. Sign in with your GitHub account. Inline completions (Tab to accept) are active immediately.

Open Copilot Chat & switch to Agent mode

Click the chat icon in the Activity Bar or press Ctrl/Cmd+Alt+I. In the input dropdown, select Agent. Agent mode lets Copilot run terminal commands, edit files, and iterate autonomously.

Select Claude as your model for complex tasks

Bottom of the Copilot Chat input box → click the model name → select Claude Sonnet or Claude Opus. Use Claude for architecture questions, long docs, and deep reasoning. Switch back to GPT-4o for quick completions.

Install supporting extensions

For cloud/DevOps work: HashiCorp Terraform, Azure Bicep, Kubernetes (ms-kubernetes-tools), Docker, YAML (Red Hat), GitLens. These give Copilot schema awareness — it generates syntactically correct configs, not just plausible guesses.

Create the workspace instructions file

Create .github/copilot-instructions.md at your repo root. Every Copilot prompt in the workspace automatically includes this context. Put your naming conventions, tech stack, provider versions, and security requirements here. See the example below.

Wire up MCP servers (optional, powerful)

Create .vscode/mcp.json to connect tool servers. This enables agent mode to actually run commands — not just suggest them. GitHub MCP lets the agent open PRs; shell MCP lets it run terraform, kubectl, az.

📄 .github/copilot-instructions.md — paste and fill in your details

## Project Context
[Brief: what this repo does, what team owns it]

## Tech Stack
- Language: Python 3.12 / Go 1.22 / TypeScript 5 / Java 21
- IaC: Terraform, azurerm >= 3.90.0
- Container: Docker + AKS 1.30 / EKS 1.29
- CI/CD: GitHub Actions (OIDC auth, never client secrets)
- Secrets: Azure Key Vault / AWS Secrets Manager

## Naming Convention
{env}-{region-short}-{service}-{instance}  e.g. prod-eus2-api-01

## Non-Negotiable Defaults
- Tags on every cloud resource: Environment, Owner, CostCenter, Project
- No hardcoded secrets anywhere in code or config
- All storage encrypted at rest with CMK
- Deny-by-default network rules, no 0.0.0.0/0 inbound

## Test Requirements
- Unit tests required for all new functions
- Integration tests for all API endpoints
- Run: pytest / go test / jest (pick what applies)

📄 .vscode/mcp.json — add MCP tool servers

{
  "servers": {
    "filesystem": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem", "."]
    },
    "github": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": { "GITHUB_PERSONAL_ACCESS_TOKEN": "${env:GITHUB_TOKEN}" }
    },
    "shell": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-shell"],
      "env": {
        "SHELL_ALLOW_LIST": "terraform,kubectl,az,git,docker,helm,npm,go,pytest"
      }
    }
  }
}

Install GitHub Copilot plugin

File → Settings (or Preferences on Mac) → Plugins → Marketplace → search “GitHub Copilot” → Install → Restart IDE. Works in IntelliJ IDEA, GoLand, PyCharm, WebStorm, Rider, DataGrip, and CLion.

Tools → GitHub Copilot → Sign in. Once signed in, open any file and start typing. Ghost completions appear inline. Tab to accept, Alt+] to cycle alternatives.

Open Copilot Chat in JetBrains

View → Tool Windows → GitHub Copilot Chat. The same Chat panel, agent mode, and model picker available in VS Code work identically here. Select Claude from the model dropdown for long-context tasks.

Install Amazon Q for Java/AWS work

Plugins → Marketplace → “AWS Toolkit” (includes Amazon Q Developer). Essential if your stack uses Java Spring Boot, AWS Lambda, or CDK — Q’s Java understanding is significantly better than Copilot for enterprise Java patterns.

copilot-instructions.md works automatically

The same .github/copilot-instructions.md file is read by the JetBrains Copilot plugin. Your conventions carry over from VS Code — no duplicate config.

MCP servers in JetBrains

Settings → Tools → GitHub Copilot → MCP Servers (available in Copilot plugin 1.5+). Add the same server configs as VS Code. The JetBrains AI Assistant plugin (separate) also has MCP support under Settings → Tools → AI Assistant → Model Context Protocol.

💡 When JetBrains beats VS Code

For Java, Kotlin, Scala, Go, and Python — JetBrains IDEs have deeper language server integration than VS Code. Copilot completions in IntelliJ are more accurate for Java Spring patterns, Go interfaces, and Python type hints because the IDE’s type inference provides richer context to the model. If your stack is primarily one of these languages, use JetBrains as your primary IDE.

Install GitHub Copilot extension

Extensions → Manage Extensions → Online → search “GitHub Copilot” → Install. Requires Visual Studio 2022 version 17.10 or later. Restart when prompted.

The GitHub account sign-in prompt appears on restart. Complete the OAuth flow. Copilot Chat opens via View → GitHub Copilot Chat or the toolbar button.

Agent mode and model selection

In the Copilot Chat panel, the mode selector and model picker work the same as VS Code. Select Agent mode for multi-step tasks; Claude for .NET architecture reviews or complex C# refactors.

Inline chat shortcut

Select any code block → Alt+/ to open inline Copilot Chat directly in the editor. Useful for: “fix this method”, “add null checks”, “explain what this LINQ query does” without switching to the chat panel.

💡 Best use in Visual Studio

Visual Studio’s Copilot integration is strongest for .NET, C#, F#, and Azure Functions. Use it to: generate Entity Framework migrations from a plain-English description, refactor async patterns, write unit tests with xUnit/NUnit, and generate Azure SDK client code from the REST API spec.

Install Amazon Q Developer (recommended for Eclipse)

Help → Eclipse Marketplace → search “AWS Toolkit” → Install. This gives you Amazon Q Developer inline completions and chat. Copilot’s Eclipse support is limited; Amazon Q is the stronger choice for Eclipse Java environments.

Install Codeium for broader model access

Eclipse Marketplace → search “Codeium” → Install. Codeium provides inline completions and a chat panel in Eclipse with free tier. Broader model support than Q if you are not on AWS.

Amazon Q: AWS Builder ID (free) or AWS IAM Identity Center for Pro. Codeium: create a free account at codeium.com. Both authenticate via OAuth in the browser.

Use AI chat for Eclipse-specific help

Ask: “Convert this Maven POM to use Spring Boot 3.3”, “Add SLF4J logging to this Java class”, “Write a JUnit 5 test for this service class.” The chat panel works like any other IDE.

Install GitHub Copilot via plugin manager

Using lazy.nvim: add { "github/copilot.vim" } to your plugins list. Or with packer: use 'github/copilot.vim'. Run :Copilot setup after install to authenticate.

Install CopilotChat.nvim for chat interface

Add { "CopilotC-Nvim/CopilotChat.nvim" }. This adds a proper chat panel. Open with <leader>cc (configurable). You can ask questions about the current buffer or entire workspace.

Alternative: avante.nvim for Claude + GPT-4o

Add { "yetone/avante.nvim" }. Configure with your Anthropic or OpenAI API key in the setup. Avante gives you inline diff-based editing — propose a change, accept or reject it — similar to Cursor’s Composer in Neovim.

MCP in Neovim via mcphub.nvim

Add { "ravibrock/mcphub.nvim" }. Configure MCP servers in the setup function. Neovim’s MCP support is community-driven but functional for filesystem and shell server use.

💡 Neovim + AI sweet spot

Neovim with Copilot is excellent for engineers who live in the terminal — SREs, platform engineers, infrastructure specialists. The inline completion quality is the same as VS Code. The chat interface is less visual but faster to operate with keyboard-first workflows. Pair it with tmux and a terminal-based MCP shell server for a fully keyboard-driven agentic environment.

🏳️

Section 3 — Real Scenarios: Software Developer

Stop Googling. Ask the agent in your IDE.

💻 Developer — Debugging a NullPointerException

You (any IDE, Copilot Chat)

I'm getting a NullPointerException at UserService.java:47. Here's the stack trace and the method. Why is this happening and what's the safest fix? [paste stack trace + method code]

Agent response

The NPE occurs because `user.getProfile()` returns null when the user was created before the Profile table existed (legacy records). The call on line 47 assumes profile is always set. Safe fix: add a null check before access. // Before String email = user.getProfile().getEmail(); // After - Option 1: null guard String email = user.getProfile() != null ? user.getProfile().getEmail() : ""; // After - Option 2: Optional (preferred for new code) String email = Optional.ofNullable(user.getProfile()) .map(Profile::getEmail).orElse(""); Also recommend: add a DB migration to backfill Profile records for legacy users so this is a one-time fix, not ongoing handling.

✅ What you got instead of 20 minutes of Google + Stack Overflow

Root cause identified, two fix options with trade-offs explained, and a follow-up recommendation to prevent recurrence. Total time: under 30 seconds.

💻 Developer — Getting a code review before raising a PR

You

Review this Python function for: 1. Security issues (injection, input validation) 2. Performance problems 3. Missing error handling 4. Any Python anti-patterns [paste function]

Agent response

Security: Line 12 - `query = f"SELECT * FROM orders WHERE id={id}"` This is SQL injection. Use parameterised queries: cursor.execute("SELECT * FROM orders WHERE id = %s", (id,)) Performance: Line 28 - you're calling `len(items)` inside the for loop. Python re-evaluates this every iteration. Fix: cache it before the loop: total = len(items) Error handling: The database call on line 19 has no try/except. If the connection drops, this raises an unhandled exception. Wrap in try/except and return a meaningful error response. Anti-pattern: Line 34 uses bare `except:` which catches everything including KeyboardInterrupt. Use `except Exception as e:`

✅ What you got

A structured review that catches SQL injection (a real security vulnerability) plus three quality issues, with exact line numbers and corrected code. Faster than waiting for a team member and more thorough than a quick self-review.

💻 Developer — Writing tests for existing code

You

Generate Jest unit tests for this TypeScript service class. Cover: happy path, null inputs, error responses from the API dependency, and the pagination edge case where totalPages is 0. [paste service class]

Agent (with filesystem MCP, writes the test file directly)

Writing: src/__tests__/order-service.test.ts Generated 8 test cases: ✓ fetchOrders - returns paginated results correctly ✓ fetchOrders - throws when API returns 401 ✓ fetchOrders - throws when API returns 500 ✓ fetchOrders - handles null userId gracefully ✓ fetchOrders - handles totalPages = 0 (empty result set) ✓ createOrder - validates required fields ✓ createOrder - returns order ID on success ✓ createOrder - rolls back on payment failure Running: npm test -- --testPathPattern=order-service Tests: 8 passed, 0 failed

✅ What you got

The agent wrote the test file, ran it, and confirmed all 8 pass. Edge cases you described in plain English were translated into actual test cases. Writing these manually would take 45–60 minutes.

🚀

Section 4 — Real Scenarios: DevOps Engineer

Troubleshoot deployments, fix pipelines, manage infra — without leaving your terminal

🚀 DevOps — Kubernetes pod keeps crashing (OOMKilled)

You (VS Code with kubectl MCP server, or paste log output)

My payment-service pod keeps restarting with OOMKilled. Here's kubectl describe pod output and the current resource limits. What's wrong and what should I set? Name: payment-service-7d8f9b-xk2p4 Limits: memory: 256Mi, cpu: 200m Last State: OOMKilled, Exit Code: 137 Restart Count: 14

Agent response

OOMKilled (exit code 137) means the container exceeded its 256Mi memory limit. The 14 restarts confirm this is repeated. Diagnosis steps: 1. Check actual memory use before OOM: kubectl top pod payment-service-7d8f9b-xk2p4 --containers 2. Get memory over time from Prometheus (if available): container_memory_working_set_bytes{pod="payment-service-*"} Likely causes for a payment service: - In-memory caching without eviction (Redis or local cache) - Large payload processing without streaming - Memory leak in a library (common: JDBC connection pools) Recommended fix: resources: requests: memory: "256Mi" cpu: "200m" limits: memory: "512Mi" # double the current limit as starting point cpu: "500m" Also add a liveness probe so Kubernetes restarts faster instead of waiting for the full OOM cycle.

✅ What you got instead of Googling “kubernetes oomkilled exit 137”

Root cause analysis, exact kubectl commands to diagnose further, likely causes specific to your service type, and a ready-to-paste resource limits fix. Delivered in context, not across 5 Stack Overflow tabs.

🚀 DevOps — GitHub Actions pipeline failing

You

My Terraform apply step is failing in GitHub Actions. Here's the error log. What is causing this and how do I fix the pipeline without changing the Terraform code? Error: Error building AzureRM Client: obtain subscription(...) authorization failed: no cached authorizations Job: terraform-apply uses: hashicorp/setup-terraform@v3 env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

Agent response

This error means the azurerm provider cannot authenticate to Azure. The most common cause: you're using client ID but missing the authentication method. With OIDC (recommended) you need: Required environment variables for OIDC: ARM_CLIENT_ID ✓ set ARM_SUBSCRIPTION_ID ✓ set ARM_TENANT_ID ✗ MISSING ARM_USE_OIDC: "true" ✗ MISSING Updated workflow step: - name: Terraform Apply env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_USE_OIDC: "true" run: terraform apply -auto-approve Also check: the federated credential on the Azure AD app registration must have a subject matching your repo and branch: repo:your-org/your-repo:ref:refs/heads/main

✅ What you got

Exact missing variables identified, corrected YAML ready to paste, and the often-missed federated credential check that catches people the second time. This is a 30-second fix vs. 20 minutes of docs-reading.

🚀 DevOps — Write a Helm chart from scratch

You (Agent mode + filesystem MCP)

Create a production-ready Helm chart for my FastAPI service. Requirements: - Image: myregistry.azurecr.io/fastapi-service:latest - Replicas: 3 (configurable via values) - Resource limits: 500m CPU, 512Mi memory - HPA: scale 3-10 based on 70% CPU - Readiness probe: GET /health, port 8000 - Liveness probe: GET /health, port 8000, initialDelaySeconds 30 - ConfigMap for APP_ENV and LOG_LEVEL - Secret reference for DATABASE_URL from existing k8s secret

Agent (writes files directly)

Creating helm/fastapi-service/ Chart.yaml values.yaml templates/deployment.yaml templates/service.yaml templates/hpa.yaml templates/configmap.yaml templates/ingress.yaml Running: helm lint helm/fastapi-service/ ==> Linting helm/fastapi-service/ 1 chart(s) linted, 0 chart(s) failed Running: helm template fastapi-service helm/fastapi-service/ --dry-run [output: 6 valid Kubernetes manifests rendered]

✅ What you got

A complete, production-ready Helm chart with 6 files, auto-linted and dry-run validated — all from one prompt. Writing this manually takes 45–90 minutes and almost always produces first-draft errors.

🏛️

Section 5 — Real Scenarios: Cloud Architect

Design, review, document, and validate — all inside the IDE

🏛️ Architect — Reviewing an architecture for failure modes

You (Claude model selected for long context)

Review this proposed architecture for our payment processing system. Identify: single points of failure, blast radius if the primary region goes down, security gaps, and which of the 5 Azure Well-Architected Framework pillars this scores worst on. [paste architecture description or paste your Mermaid diagram]

Agent response (Claude)

Single Points of Failure: 1. The Azure SQL primary has no read replica configured. If the primary fails, reads and writes both fail during failover. 2. The API Management instance is in one region with no geo-redundancy configured. APIM failover is not automatic. Blast Radius - Primary Region Failure: - Payment submission: DOWN (no secondary API endpoint in APIM) - Order lookup: DEGRADED (Cosmos DB multi-region reads work) - Notification service: DOWN (Service Bus not geo-redundant) WAF Pillar Weakness: Reliability (score: lowest) - No defined RTO/RPO targets documented - No chaos engineering or fault injection tested - Backup restore has never been validated in production Security Gap: - Managed identities are used correctly - However: the Azure Container Registry has no vulnerability scanning policy on image push

✅ What you got

A structured failure mode analysis that would typically require a 2-hour Architecture Review Board session compressed into a 60-second response. Use the output to drive the follow-up design conversations.

🏛️ Architect — Security scan of all Terraform before a release

You (@workspace active)

@workspace Scan all Terraform files in environments/prod/ against CIS Azure Benchmark v2.0 and Azure Security Benchmark v3. Return: file, line, control ID, risk level, and exact fix.

Agent (reads all files via @workspace)

Scanned 18 files. Found 4 issues: HIGH environments/prod/network.tf:41 NS-1: NSG rule allows inbound RDP from 0.0.0.0/0 Fix: restrict source_address_prefix to corporate IP range MEDIUM environments/prod/storage.tf:23 DP-3: supportsHttpsTrafficOnly not explicitly declared Fix: add supportsHttpsTrafficOnly = true (for audit evidence) MEDIUM environments/prod/aks.tf:88 PA-7: local_account_disabled not set to true Fix: add local_account_disabled = true LOW environments/prod/keyvault.tf:14 LT-4: diagnostic_settings logging retention < 90 days (set to 30) Fix: change retention_days = 30 to retention_days = 90

✅ What you got

A pre-release security scan that replaces a 60-minute manual Checkov review. One HIGH finding (open RDP) would have been caught in production otherwise. Control IDs are ready to copy into your security review report.

🔗

Section 6 — MCP Tool Servers: What the Agent Can Actually Do

The difference between “AI suggests” and “AI does”

MCP (Model Context Protocol) is the open standard that lets AI agents call real tools. Without MCP, the agent can only suggest commands and code. With MCP, it runs them, reads the output, and iterates. Here are the most useful servers for dev and DevOps teams:

MCP Server	What the Agent Can Do	Most Useful For
server-filesystem	Read, write, create, and list files in your project. Edits real files, not suggestions.	All personas — the baseline server, always include this
server-github	Create branches, open/close PRs, post PR comments, search code, manage issues, list workflows	DevOps: automate PR creation from agent. Dev: open issue from a bug report.
server-shell	Execute terminal commands from an allow list: terraform, kubectl, az, git, docker, helm, npm, pytest, go test	DevOps: the most powerful server. Validates, deploys, runs tests autonomously.
mcp-server-azure-cli	Run az commands: list resources, check policy compliance, compare live state vs Terraform	Architect: audit live Azure environment from the IDE without terminal switching
server-kubernetes	List pods, get logs, describe resources, check deployment status, exec into containers	DevOps: read live cluster state so the agent can diagnose and suggest fixes based on actual conditions
server-postgres / server-sqlite	Query databases, read schema, explain query plans, generate migrations	Dev: generate accurate migration scripts from actual schema, not assumed schema
server-fetch	Fetch URLs: read provider docs, OpenAPI specs, REST API definitions without leaving the IDE	All personas: agent pulls the latest Terraform registry docs before generating code
server-docker	List containers, images, logs; run docker commands; inspect compose configs	Dev/DevOps: diagnose container issues from within IDE without switching to Docker Desktop

⚠ Security rule for MCP shell server

Always configure SHELL_ALLOW_LIST to restrict which commands the agent can run. Never allow unrestricted shell access. Start with: terraform,git,kubectl,az,helm,npm,pytest,go. Review and trim the list to only what your workflow actually needs.

⚙️

Section 7 — The Complete Build & Deploy Workflow

From code to production without leaving your IDE

📄

Scaffold

Agent writes code/IaC files

›

✅

Validate

Agent runs linters + tests

›

🛡️

Security

CIS/OWASP scan prompt

›

📄

Document

README + API docs generated

›

🚀

Agent branches, commits, opens PR

›

🛠️

Pipeline

CI runs on PR, deploy on merge

Here are the six prompts for this workflow, issued in sequence in one Copilot Chat conversation. The agent maintains context across the chain — it knows what it built in step 1 when reviewing in step 3.

📋 Prompt 1 — Scaffold

Create a [service type, e.g. FastAPI REST service / Terraform module / Helm chart]
for [describe what it does].
Use my tech stack from the workspace instructions.
Requirements: [list your specific requirements].
After creating, validate it and report any errors.

📋 Prompt 2 — Test

Write unit tests for the code we just created.
Cover: happy path, error paths, edge cases for [describe edge cases].
Run the tests and fix anything that fails before showing me the results.

📋 Prompt 3 — Security Review

Review the code/IaC we just created for security issues.
For application code: check against OWASP Top 10.
For IaC: check against CIS Azure Benchmark v2 / AWS Security Benchmark.
List findings with: location, risk level, and exact fix.

📋 Prompt 4 — Document

Generate documentation for what we just built:
- README with purpose, setup, usage examples
- For APIs: OpenAPI / Swagger annotations
- For IaC modules: inputs table, outputs table, compliance controls satisfied

📋 Prompt 5 — PR (requires GitHub MCP)

Create a feature branch called feat/[name], commit all the files
we created in this session with a meaningful commit message,
and open a draft PR titled "[title]" with a description summarising
what was built and what was tested.

💡

Section 8 — Prompt Patterns That Always Work

Reusable prompt suffixes that upgrade any response

✅ Add these to any prompt for better results

“Explain your reasoning for any non-obvious choices.” — Adds inline comments. Makes review fast. Stops you accepting code you don’t understand.
“What assumptions did you make?” (ask after any response) — Surfaces hidden choices like “I assumed Python 3.11” or “I assumed azurerm 4.x” before they cause failures.
“What are the failure modes?” — Forces the model to surface edge cases it is aware of but didn’t mention. Gold for architecture and DevOps tasks.
“Walk me through this step by step before writing any code.” — For complex tasks, get the plan first. Catch misunderstandings before the agent writes 200 lines in the wrong direction.
“After generating, run [validate command] and fix any errors.” — Closes the validate-fix loop autonomously. You see only working code.
“Give me the simplest possible version first, then I’ll tell you what to add.” — Avoids over-engineering. Iterate from a working minimum instead of debugging a complex first draft.

❌ Never do these

Never paste secrets, API keys, or connection strings into the chat window — replace with [REDACTED] or variable names. Even on enterprise plans.
Never run terraform apply or kubectl apply on production from agent mode without reviewing the plan/diff first. Agent mode executes what you ask. That’s the power. That’s also the risk.
Never accept AI-generated IAM permissions, firewall rules, or RBAC assignments without manual review. These are the highest blast-radius outputs and models frequently generate overly permissive defaults.
Never assume the model knows your specific environment. Without copilot-instructions.md and explicit context, it generates generic code that looks right and integrates wrong.
Never use a vague prompt for a complex task. “Write a deployment pipeline” gets you a demo. “Write a GitHub Actions pipeline for Python 3.12, OIDC to Azure, pytest on PR, terraform plan on PR, terraform apply on merge to main” gets you what you need.

🎖️

Your First Week Checklist

Do these in order — each one builds on the previous

Install GitHub Copilot in your IDE

VS Code, JetBrains, Visual Studio, Neovim — follow the steps in Section 2 for your editor. Verify inline completions work.

Create .github/copilot-instructions.md in your main repo

10 minutes of setup that saves hours across the team. Paste your naming convention, tech stack, and security defaults. This is the most impactful thing you can do.

Switch to Agent mode and try one real task

In Copilot Chat, switch to Agent mode. Ask it to create a test file, a config, or a small service for something you are actually working on. Watch it write and validate in one shot.

Try Claude for your next architecture question

Switch the model to Claude Sonnet. Paste in an architecture you’re designing and ask: “What are the failure modes? What did I miss?” Claude handles long-context reasoning significantly better than GPT-4o.

Add MCP filesystem + shell servers

Add mcp.json with the filesystem and shell servers (allow-listed). This is the step that turns the agent from advisor to operator — it can now write files and run commands.

Run the security review prompt on your existing code

Use the @workspace CIS / OWASP scan prompt from Section 4 or 5 on a codebase you know. See what it finds. Use the output in your next sprint retrospective or security review.

Next time something breaks, ask the agent before Googling

Paste the error, the context, and the question directly into Copilot Chat. Give it two minutes before opening a browser tab. Track how often it gets you to the answer faster.