The short answer: yes, you can funnel the model calls your GitHub Copilot subscription already pays for and surface them as a vanilla OpenAI-style endpoint for OpenClaw. It works, it’s cheap, and it feels a bit like cheating. Below is the long answer—complete wiring instructions, caveats, and why some of us think the loophole may close sooner rather than later.

Why bother proxying Copilot into OpenClaw?

Cost. Copilot’s $10 / mo (student) to $20 / mo (individual) flat rate gets you unlimited GPT-4 / GPT-4o calls for code completion. OpenAI wants $0.03 per 1K input tokens + $0.06 per 1K output for the same model when you hit their public API. If your agents generate or critique code a lot, the meter spins fast.

With a thin translation layer you can:

  • Feed GPT-4 to OpenClaw without an OpenAI API key
  • Stay under one predictable monthly fee
  • Share the same quota across VS Code, JetBrains, and your agents
  • Experiment freely without watching token dashboards

The rest of this guide shows the “how.” Whether you should is addressed in a later section.

What exactly are we reverse-proxying?

Copilot’s desktop extensions speak to wss://copilot-proxy.githubusercontent.com/v1 with a protocol similar—but not identical—to the OpenAI chat endpoint. The JSON is 90 % compatible. A community repo called copi-proxy (MIT license) handles the 10 % mismatch: it listens on /v1/chat/completions, rewrites the payload into Copilot’s dialect, forwards the request, and re-streams the response in OpenAI format.

Under the hood:

  1. Fetch a short-lived Copilot JWT via the OAuth device flow.
  2. Use that JWT as a Bearer token in every websocket upgrade.
  3. Cache tokens and refresh silently.
  4. Expose normal HTTPS + SSE so anything that expects the OpenAI spec works unchanged.
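The payload rewrite in that pipeline is conceptually a small mapping. Here is a sketch of what it might look like—note that the Copilot-side field names (the `intent` flag, the pinned model) are assumptions for illustration, not the documented wire format:

```typescript
interface OpenAIChatRequest {
  model: string;
  messages: { role: string; content: string }[];
  stream?: boolean;
}

// What a Copilot-dialect payload *might* look like (field names assumed).
interface CopilotRequest {
  intent: boolean; // hypothetical flag the backend expects
  model: string;
  messages: { role: string; content: string }[];
  stream: boolean;
}

function toCopilotDialect(req: OpenAIChatRequest): CopilotRequest {
  return {
    intent: true,
    // Pin unsupported model names to one the backend serves.
    model: req.model === "gpt-4" ? "gpt-4o" : req.model,
    messages: req.messages,
    // Copilot's backend always streams, so default stream on.
    stream: req.stream ?? true,
  };
}
```

The reverse mapping (Copilot stream chunks back into OpenAI SSE events) is the other half of what copi-proxy does for you.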

Because OpenClaw already ships with an OpenAI connector, we don’t have to modify its source—just point the environment variable at our proxy.

Terms of Service and moral gray areas

This hack is not endorsed by GitHub, Microsoft, or OpenClaw maintainers. A quick reading of GitHub Copilot’s Additional Product Terms reveals:

  • “Copilot is for personal use. Redistribution or provision as a service is prohibited.”
  • Rate limits may be applied “at GitHub’s sole discretion.”
  • Automated methods of extracting model access are not mentioned explicitly, but the spirit is clear.

If you proxy for yourself, you’re bending, not necessarily breaking, the rules. If you expose the endpoint to teammates—or worse, the public—you’re violating them. Decide your own risk tolerance. Expect the loophole to close once enough people abuse it.

Architecture diagram (text version)

You → OpenClaw Gateway → copi-proxy (localhost:7891) → GitHub Copilot service → GPT-4.

No traffic touches OpenAI directly. The gateway thinks it’s talking to api.openai.com. TLS is terminated twice: once at the proxy, again at GitHub’s edge. No additional auth plugins needed inside OpenClaw.

Step-by-step setup

1. Prerequisites

  • Node.js 22.2+ (same requirement as OpenClaw)
  • OpenClaw 0.9.3 or later
  • Active GitHub Copilot individual subscription
  • Git installed

2. Clone the proxy

git clone https://github.com/j178/copi-proxy.git
cd copi-proxy
npm install --production

3. Authenticate with GitHub

The repo ships with a CLI:

node cli.js login

You’ll see a device code like XXXX-YYYY. Open https://github.com/login/device, paste it, approve “Copi Proxy”. The CLI writes ~/.config/copi-proxy/config.json containing your refresh token.

4. Run the proxy

node cli.js serve --port 7891 --model gpt-4o --stream

The server logs something like:

[copi-proxy] listening on http://127.0.0.1:7891/v1/

5. Point OpenClaw to the new endpoint

In your agent’s project root create or edit .env:

OPENAI_API_BASE_URL=http://127.0.0.1:7891/v1
OPENAI_API_KEY=sk-fake
OPENAI_MODEL=gpt-4o

Yes, the key can be anything; copi-proxy ignores it.

6. Restart OpenClaw

Run npm run claw:start if you use the daemon, or redeploy on ClawCloud under Settings → Environment Variables. Trigger a chat. If everything works, you’ll get GPT-4o answers with per-token latency under 300 ms (GitHub’s Sydney region is snappy).

Handling rate limits and quirks

Copilot’s backend isn’t optimized for long-form chat. Some behaviors differ from the public OpenAI endpoint:

  • Context window caps at ~8 k tokens, even for “gpt-4o.”
  • Inputs beyond ~1 k tokens per message are silently truncated.
  • Sustained traffic above 20 requests/min returns 429.
  • Error format is {error: {message, code}}, not {error: {message, type}}. The proxy normalizes this, but you’ll still see code: 13 occasionally.
  • Streaming stops at 50 s regardless of timeout_ms. Keep your prompts crisp.
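The error-shape mismatch is easy to paper over in your own code too. A minimal sketch of the normalization, assuming a code→type lookup (the meaning of code 13 here is a guess, not documented behavior):

```typescript
interface CopilotError { error: { message: string; code: number } }
interface OpenAIError { error: { message: string; type: string } }

// Assumed mapping from Copilot's numeric codes to OpenAI error types.
const CODE_TO_TYPE: Record<number, string> = {
  13: "server_error",          // opaque backend error (assumption)
  429: "rate_limit_exceeded",
};

function normalizeError(err: CopilotError): OpenAIError {
  return {
    error: {
      message: err.error.message,
      // Fall back to a generic type for codes we don't recognize.
      type: CODE_TO_TYPE[err.error.code] ?? "api_error",
    },
  };
}
```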

For multi-step plans, set OPENAI_MAX_TOKENS=2048 to avoid truncated replies. If you need more context, store memory in Postgres rather than stuffing it into the prompt.
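One way to live inside the ~8 k cap is to trim conversation history client-side before each call. A rough sketch, using ~4 characters per token as a crude estimate (not a real tokenizer) and keeping the system prompt plus the most recent messages that fit:

```typescript
interface Msg { role: string; content: string }

// Crude heuristic: ~4 characters per token. Good enough for budgeting,
// not for exact accounting.
const estimateTokens = (m: Msg): number => Math.ceil(m.content.length / 4);

// Keep the system prompt, then walk backwards from the newest message,
// keeping as much recent history as fits in the budget.
function trimToBudget(messages: Msg[], budget = 8000): Msg[] {
  const [system, ...rest] = messages;
  let used = estimateTokens(system);
  const kept: Msg[] = [];
  for (let i = rest.length - 1; i >= 0; i--) {
    const cost = estimateTokens(rest[i]);
    if (used + cost > budget) break;
    used += cost;
    kept.unshift(rest[i]); // preserve chronological order
  }
  return [system, ...kept];
}
```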

Cost math vs. vanilla OpenAI

Assume a side project agent that drafts PR comments and reviews. Typical usage:

  • Reviews 40 files/day at ~200 tokens each: 8 k input tokens.
  • Generates 2 k output tokens/day.

OpenAI pricing: 8 k × $0.03/1K input + 2 k × $0.06/1K output = $0.24 + $0.12 = $0.36/day ⇒ roughly $10.80/month. Not bad, until you scale:

  • Team of 8 engineers: ~$86/month
  • Heavy usage (CI linting, code conversions): $300+

The Copilot flat rate stays at $20 regardless of volume. If you already pay for Copilot for IDE completions, the marginal cost of routing agents through it is zero, and the savings multiply at team scale. But every dev needs their own subscription, because sharing one violates the ToS—so the break-even is blurrier than the headline numbers suggest.
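The arithmetic above generalizes to a two-line calculator you can plug your own usage into (rates are the GPT-4 list prices quoted earlier):

```typescript
// GPT-4 list prices per 1K tokens, per the figures above.
const INPUT_RATE = 0.03;
const OUTPUT_RATE = 0.06;

function dailyCost(inputTokens: number, outputTokens: number): number {
  return (inputTokens / 1000) * INPUT_RATE + (outputTokens / 1000) * OUTPUT_RATE;
}

const monthlyCost = (inTok: number, outTok: number, days = 30): number =>
  dailyCost(inTok, outTok) * days;
```

Compare the monthly figure against your flat Copilot fee (times headcount) to see where your own break-even sits.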

Sustainability: will this still work in six months?

Unknown. Data points:

  • May 2024: GitHub silently rate-limited known proxy ASNs.
  • June 2024: They changed the websocket protocol version from 2.1 to 2.2. copi-proxy updated the same day.
  • July 2024: VS Code extension started sending a hardware hash; the service still accepts client=unknown.

The copi-proxy maintainers are committed, but they number fewer than five. If Microsoft decides to require signed extension headers, the cat-and-mouse could end. In the worst case your investment is a couple of lines in .env; reverting to real OpenAI keys is trivial.

What the community is saying

Snippets from GitHub Discussions (#884, #926):

  • “Been running for two months, 10–15 K requests/day, no ban.” —@calvinb
  • “Got 403 after leaving a CI job hammering 100 req/min.” —@yuki-mk2
  • “Latency spikes during US mornings, but still cheaper than fine-tuned model hosting.” —@e-varga

Overall sentiment: worth it for tinkering, not production SLAs.

Alternatives if the loophole closes

  • OpenRouter.ai — pay-as-you-go broker; 10–30 % cheaper than OpenAI list.
  • Groq + Llama 3 70B — near-GPT-4 results at high speed for pure-chat (not code) workloads.
  • Local Ollama — fine for private data and zero recurring cost, but expect to need a beefy GPU (an RTX 4090, say) to get anywhere near GPT-4-grade quality.

If you switch, point OPENAI_API_BASE_URL to the new host and adjust model names. OpenClaw’s abstraction keeps the rest intact.
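For example, a hypothetical .env for the OpenRouter route—the model slug here is an assumption, so check OpenRouter’s model list for the exact name:

```shell
# Hypothetical OpenRouter config; verify the model slug against
# OpenRouter's published model list before relying on it.
OPENAI_API_BASE_URL=https://openrouter.ai/api/v1
OPENAI_API_KEY=sk-or-your-real-key
OPENAI_MODEL=openai/gpt-4o
```

Unlike the Copilot proxy, the key here has to be real, since OpenRouter bills per token.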

Up next

For now the Copilot proxy is the cheapest way to give every OpenClaw agent a GPT-4 brain. If you’re experimenting or running hobby bots, fire it up today—it’s ten minutes of work. Just accept that you’re standing on shifting sand and keep your real OpenAI key in 1Password for the day the 429s start rolling in.