Delv
IDEby GitHub4.3

GitHub Copilot Chat

Copilot Chat's MCP support brings agent-style tool use into VS Code's native AI panel. The largest install base of any MCP-supporting client.

Homepage MCP docs
A
Safety & Trust

Delv Safety Grade: A

Score 83/100 · assessed 2026-04-19

Maintainer95
Permissions75
Supply chain85
Transparency70
Incidents90

GitHub Copilot Chat is Microsoft-backed infrastructure with massive scale and professional maintenance. As an MCP client host, it acts as the orchestrator rather than the risk surface—the actual permissions depend entirely on which MCP servers you connect. The host itself runs within VS Code's sandbox with standard extension privileges. Supply chain is solid: distributed through VS Code's marketplace with Microsoft's signing. Transparency is moderate: the MCP integration is documented but the host code itself is proprietary. The main risk vector is that users may connect untrusted MCP servers without understanding the delegation model. No known security incidents specific to the MCP integration. The limited MCP feature set (no prompts, no sampling) actually reduces attack surface compared to full-featured clients.

Green flags

  • Microsoft/GitHub backing provides enterprise-grade maintenance and incident response
  • Largest MCP client install base means community scrutiny of issues
  • Runs within VS Code's existing security sandbox and permission model
  • Limited MCP feature set reduces potential attack surface vs full clients
  • Official Microsoft documentation and support channels available

Red flags

  • Proprietary code limits independent security review of MCP implementation
  • No sampling support means less control over recursive LLM calls from servers
  • Users may not understand that connected MCP servers inherit VS Code privileges
  • MCP server vetting responsibility falls entirely on end users

Permissions requested

Read filesWrite filesOutbound networkRead envExternal LLM call
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

MCP capabilities

  • Tools
  • Resources
  • Prompts
  • Sampling

Platforms

macOSWindowsLinux

Config location

VS Code settings under "github.copilot.advanced.mcp"

Review

GitHub Copilot Chat's MCP support lands where most developers already live: inside VS Code. If you're one of the millions already paying for Copilot, MCP servers slot into the native chat panel without installing another Electron app or switching contexts. That's the killer feature—zero friction for an existing workflow. The implementation is solid but not ambitious. You get tools and resources, which covers the majority of useful MCP servers. No prompts support means you can't inject custom system instructions from servers, and no sampling means servers can't recursively call the LLM. For most use cases—file operations, API calls, database queries—this doesn't matter. For agent-style workflows where servers orchestrate complex reasoning chains, it's a gap. Configuration lives in VS Code settings JSON under "github.copilot.advanced.mcp". It's more verbose than Claude Desktop's simple config file, and you'll need to restart the extension after changes. The upside: settings sync across machines if you use VS Code's settings sync. The downside: no GUI for managing servers, so you're editing JSON by hand. I use this daily with filesystem and git servers. The experience is smooth once configured. Copilot Chat surfaces tool calls inline, so you see exactly what the server is doing. Response quality depends on the underlying model—currently GPT-4 variants—which sometimes needs more explicit prompting than Claude to use tools effectively. The real win is install base. Copilot Chat has millions of active users, making it the de facto MCP client for reaching developers. If you're building MCP servers, compatibility here matters more than any other client. If you're a user, it's the path of least resistance: no new app, no new subscription, just add a config block and go. Rough edges: error messages when servers fail are cryptic, and there's no built-in server discovery or marketplace. You're hunting GitHub repos and pasting config manually. The chat panel also lacks multi-turn context controls, so long MCP sessions can feel cramped compared to dedicated AI apps.
Verdict

If you already use VS Code and pay for Copilot, this is the obvious MCP client—native integration beats switching apps. If you need prompts or sampling support, or want a richer MCP management experience, look at Claude Desktop or Cline instead.

Good at

  • Zero install friction for existing Copilot subscribers
  • Native VS Code integration keeps you in one window
  • Largest user base of any MCP client by orders of magnitude
  • Settings sync across machines via VS Code sync
  • Tool calls surface inline with clear visibility

Watch out

  • No prompts or sampling support limits advanced agent patterns
  • Manual JSON config with no GUI or server discovery
  • Requires extension restart after config changes
  • Cryptic error messages when MCP servers fail
  • Chat panel context management less sophisticated than dedicated AI apps