Engineers report Copilot PR ads, false coauthors, and Claude Code OpenClaw refusals
A new HN postmortem groups three write-boundary failures: Copilot product tips in PRs, VS Code's default AI co-author trailers, and Claude Code sessions tripped by OpenClaw repo content. The cases matter because repo scanning, commit metadata, and billing logic still cross user-controlled boundaries.
TL;DR
- After a teammate asked Copilot to fix a typo, the agent edited the pull request description to add a Copilot and Raycast plug, according to the main HN report, and a GitHub employee later said in the HN follow-up that the team had disabled PR product tips entirely.
- VS Code shipped
git.addAICoAuthorwith a default that auto-appendedCo-authored-by: Copilot, as the HN summary of PR #310226 describes, then moved to revert the default after false attribution and config mismatch reports surfaced in the discussion thread. - Claude Code users reported that repositories mentioning "OpenClaw" could trigger refusals or immediate extra-usage burn, with reproducibility reports collected in the main HN thread and the discussion summary.
- The shared failure mode is write boundary drift: PR copy, commit metadata, and usage routing all crossed user-controlled boundaries, while VS Code 1.118 release notes, Anthropic's Claude Code docs, and GitHub issues on Claude Code billing show how much of that behavior lived in defaults and backend policy rather than obvious prompts.
You can read Zach Manson's original PR ad post, the exact VS Code PR that enabled AI co-authoring by default, and the follow-up PR that aligned the default with chat and agent edits. The Claude Code side is weirder: Anthropic's own legal and compliance page now spells out separate treatment for Agent SDK and claude -p, while one GitHub issue claims identical commands were billed differently depending on whether OpenClaw spawned them.
PR descriptions
GitHub Copilot Injects Product Advertisements into User Pull Requests
Developer Zach Manson reported that after a team member used GitHub Copilot to fix a typo in his pull request, the tool automatically modified the PR description to include an advertisement for Copilot and the productivity tool Raycast. Following community backlash on platforms like Hacker News, GitHub representatives confirmed they had disabled these product tips, acknowledging that while they were intended to help users learn about features, the execution was misguided and inappropriate when applied to external pull requests.
Zach Manson's write-up says a teammate invoked Copilot for a typo fix, and Copilot then rewrote the PR description to include promotional copy for Copilot and Raycast. That is a narrow bug with a very visible blast radius, because the edited artifact was not a scratchpad or chat window, it was the review text other humans see first.
GitHub's own response, quoted in the HN discussion highlight, was blunt: the team had been inserting "product tips" into PRs created by or touched by the coding agent, and then disabled the feature after the backlash. The Register's coverage adds that a Copilot team member posted the explanation directly in the thread.
Discussion around Copilot edited an ad into my PR
Thread discussion highlights: - simonw on GitHub disabled the feature: GitHub have now disabled this... "Disabled product tips entirely thanks to the feedback." - stratoatlas on Agent scope and access: The moment Copilot inserted something you didn't request, using your credentials, in your name, the agency relationship inverted. - calibas on Ad copy vs attribution: It's not just mentioning it was written via Copilot, it's explicitly advertising for another product.
The sharpest reaction in the thread was not about ads as such. In the core HN summary, commenters focused on scope: once an agent can write into a PR description under a user's identity, even a "tip" becomes a permissions story.
Commit trailers
Summary of VS Code Pull Request #310226: Enabling AI Co-Author by Default
Pull Request #310226, titled "Enabling ai co author by default," introduced a change to the VS Code Git extension to automatically append a "Co-authored-by: Copilot" trailer to commit messages when AI-generated code is detected by changing the default value of the git.addAICoAuthor setting from "off" to "all". This change was released in version 1.117. Following reports of a regression where non-AI-generated code was incorrectly attributed and the feature persisted even when AI features were disabled, the default was subsequently reverted to "off" in a later update (PR #313931).
Microsoft's change landed one layer deeper in the toolchain. PR #310226 flipped git.addAICoAuthor from off to all, and VS Code 1.118 announced that Copilot would be added as a Git co-author by default for chat and agent workflows.
That rollout then forked three ways:
- The HN summary says the default change shipped through the built-in Git extension.
- The discussion thread points to a schema and runtime mismatch, where the config schema default changed but the runtime fallback still behaved differently.
- PR #312880 later changed the default to
chatAndAgent, explicitly aligning the runtime fallback with the configuration schema.
Discussion around VS Code inserting 'Co-Authored-by Copilot' into commits regardless of usage
Thread discussion highlights: - dmitriv on author response / revert: I am the person who approved this PR... apologize for the mistake of turning this feature on by default without sufficient upfront validation... revert default to off in 1.119 update. - ddkto on runtime inconsistency: The configuration schema default was changed to "all", but the runtime fallback... still calls config.get('addAICoAuthor', 'off'). This is now out of sync and can lead to unexpected behavior...
By the time the thread blew up, the problem was not just philosophy about attribution. It was bad state propagation. In the core summary, HN commenters describe cases where non-AI changes were tagged anyway, and the approving maintainer apologized in-thread before saying the default would be moved back off in a later update.
Repo-string triggers
Claude Code Reports and Quota Issues Triggered by "OpenClaw" Mentions in Git Commits
Developer Theo Browne reported that Anthropic's Claude Code tool exhibits unusual behavior when interacting with local Git repositories containing the term "OpenClaw," such as in JSON blobs or commit messages. Users have observed that Claude Code may either refuse to process requests or unexpectedly consume their "extra usage" quota, effectively billing them or hitting usage limits immediately upon detecting the term. Community analysis suggests this may be due to hardcoded instructions in the system prompts that flag the term, though Anthropic has not officially clarified the mechanism.
The Claude Code reports are less cleanly documented, but they surface a nastier boundary. Theo Browne's report, summarized in the primary HN item, says local repositories containing the term "OpenClaw" could trigger either refusals or immediate extra-usage exhaustion, including when the term appeared in JSON blobs or commit history.
Community reproduction is what made the story stick. The discussion summary includes one report of claude -p "hi" disconnecting immediately and sending session usage to 100 percent, plus another claim that some users had been auto-opted into Extra Usage. A separate Anthropic GitHub issue about OpenClaw billing goes further, claiming the exact same claude -p invocation succeeded from terminal and isolated jobs but failed with a 402 when spawned by the OpenClaw gateway.
Discussion around Claude Code refuses requests or charges extra if your commits mention "OpenClaw"
Thread discussion highlights: - abdullin on reproducibility: I reproduced this on my account... `claude -p "hi"` Immediate disconnect and session usage went to 100% - andrew_eu on extra usage opt-in: you were probably auto-opted-in to "Extra Usage". You can disable it on the "Usage" page - stingraycharles on implementation quality: it looks like a simple regex... Could have been as easy as including some Claude Code specific prompting traits... and automatically whitelisting it
The working theory in the thread, captured in the core HN summary, was a crude repo-content or process-context filter, not a general usage limit bug. Anthropic had not publicly explained the mechanism in the evidence window.
First-party tools caught in their own gates
One extra wrinkle did not come from OpenClaw at all. Anthropic's legal and compliance page says advertised Pro and Max limits assume ordinary individual Claude Code and Agent SDK usage, and it now notes a separate monthly credit model for Agent SDK and claude -p usage.
That distinction was messy in practice. In GitHub issue #45016, a user reported Anthropic's own VS Code extension returning a 400 error that said, "Third-party apps now draw from your extra usage, not your plan limits," even though the extension was first-party. GitHub issue #46262 described a similar context-sensitive split for OpenClaw-spawned CLI calls.
The throughline across all three cases is ugly and specific. The surprising behavior did not sit in model output alone. It sat in the glue code around PR descriptions, Git trailers, and backend usage classification, which is exactly where engineers expect the rules to stay boring.