diff --git a/.claude/settings.json b/.claude/settings.json
index 94059e1c4313bd..c07050bc03061d 100644
--- a/.claude/settings.json
+++ b/.claude/settings.json
@@ -1,4 +1,17 @@
 {
+  "hooks": {
+    "PreToolUse": [
+      {
+        "matcher": "Bash|PowerShell|create|comment|update|edit|review|push|merge",
+        "hooks": [
+          {
+            "command": "node -e \"let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>{try{const i=JSON.parse(d);const a=i.toolArgs||'';const n=i.toolName||'';if(/gh\\s+(pr|issue)\\s+(create|comment|review|edit|merge|close)/.test(a)||/github/i.test(n))process.stderr.write('Include AI-generated content disclosure (> [!NOTE]) per copilot-instructions.md\\n')}catch{}})\""
+          }
+        ],
+        "description": "Remind about AI disclosure when posting to GitHub via gh CLI or MCP tools"
+      }
+    ]
+  },
   "extraKnownMarketplaces": {
     "dotnet-arcade-skills": {
       "source": {
@@ -10,4 +23,4 @@
   "enabledPlugins": {
     "dotnet-dnceng@dotnet-arcade-skills": true
   }
-}
\ No newline at end of file
+}
diff --git a/.github/hooks/hooks.json b/.github/hooks/hooks.json
new file mode 100644
index 00000000000000..8f956c2ffb96a3
--- /dev/null
+++ b/.github/hooks/hooks.json
@@ -0,0 +1,18 @@
+{
+  "hooks": {
+    "PreToolUse": [
+      {
+        "matcher": "Bash|PowerShell|create|comment|update|edit|review|push|merge",
+        "hooks": [
+          {
+            "command": "node -e \"let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>{try{const i=JSON.parse(d);const a=i.toolArgs||'';const n=i.toolName||'';if(/gh\\s+(pr|issue)\\s+(create|comment|review|edit|merge|close)/.test(a)||/github/i.test(n))process.stderr.write('Include AI-generated content disclosure (> [!NOTE]) per copilot-instructions.md\\n')}catch{}})\"",
+            "bash": "d=; while IFS= read -r l; do d=$d$l; done; case $d in *'gh pr create'*|*'gh pr comment'*|*'gh pr review'*|*'gh pr edit'*|*'gh pr merge'*|*'gh issue create'*|*'gh issue comment'*|*'gh issue edit'*|*'gh issue close'*|*github*) echo 'Include AI-generated content disclosure (> [!NOTE]) per copilot-instructions.md' >&2;; esac; :",
+            "powershell": "$d = [Console]::In.ReadToEnd(); if ($d -match 'gh (pr|issue) (create|comment|review|edit|merge|close)' -or $d -match 'github') { [Console]::Error.WriteLine('Include AI-generated content disclosure (> [!NOTE]) per copilot-instructions.md') }",
+            "timeout": 5
+          }
+        ],
+        "description": "Remind about AI disclosure when posting to GitHub via gh CLI or MCP tools"
+      }
+    ]
+  }
+}
diff --git a/.github/skills/api-proposal/SKILL.md b/.github/skills/api-proposal/SKILL.md
index 02f926eac99f7c..1acc34ac28ae4a 100644
--- a/.github/skills/api-proposal/SKILL.md
+++ b/.github/skills/api-proposal/SKILL.md
@@ -312,8 +312,6 @@ Present the complete draft to the user for review. Iterate based on feedback bef
 
 ### Phase 5: Publish
 
-> **AI-generated content disclosure:** When posting any content to GitHub (issue body, PR body, comments) under a user's credentials — i.e., the account is **not** a dedicated "copilot" or "bot" account/app — prepend a concise, visible note (e.g. a `> [!NOTE]` alert) indicating the content was AI/Copilot-generated. This applies to the initial proposal, iteration updates, and any follow-up comments posted on the user's behalf. Skip this if the user explicitly asks you to omit it.
-
 #### Step 1: Push and capture commit URL
 
 Commit prototype changes and push the branch to the user's fork (default) or ask for an alternative remote. Capture the commit URL for inclusion in the proposal (e.g., `https://github.com/<owner>/<repo>/commit/<sha>`).
diff --git a/.github/skills/code-review/SKILL.md b/.github/skills/code-review/SKILL.md
index 249dab85cfc257..f801fe015a7d60 100644
--- a/.github/skills/code-review/SKILL.md
+++ b/.github/skills/code-review/SKILL.md
@@ -105,8 +105,6 @@ When the environment supports launching sub-agents with different models (e.g.,
 
 When presenting the final review (whether as a PR comment or as output to the user), use the following structure. This ensures consistency across reviews and makes the output easy to scan.
 
-> 📝 **AI-generated content disclosure:** When posting review content to GitHub (PR review comments, PR comments) under a user's credentials — i.e., the account is **not** a dedicated "copilot" or "bot" account/app — you **MUST** include a concise, visible note (e.g. a `> [!NOTE]` alert) indicating the content was AI/Copilot-generated. Skip this if the user explicitly asks you to omit it.
-
 ### Structure
 
 ```
diff --git a/.github/skills/issue-triage/SKILL.md b/.github/skills/issue-triage/SKILL.md
index 38a2434cae9075..0b3948fd5efbe2 100644
--- a/.github/skills/issue-triage/SKILL.md
+++ b/.github/skills/issue-triage/SKILL.md
@@ -450,9 +450,14 @@ Key points: each section has multiple outcome variants (pick the one that matche
 
   When posting any content to GitHub under a user's credentials (not a dedicated bot account), you **MUST** include a concise, visible note (e.g. a `> [!NOTE]` alert) indicating the content was AI/Copilot-generated. Skip this if the user explicitly asks you to omit it.
 
-- **NEVER** use `gh issue close`, `gh issue edit`, `gh issue comment`, or `gh pr review --approve`/`--request-changes` **unless the user explicitly asks you to** after picking an outcome.
-
-- **Security concerns are out of scope.** Do not assess, discuss, or make recommendations about potential security implications. Security assessment is handled through separate processes.
+- **NEVER** use `gh issue close`, `gh issue edit`, `gh issue comment`, or
+  `gh pr review --approve`/`--request-changes` **unless the user explicitly
+  asks you to** after picking an outcome.
+
+- **Security concerns are out of scope.** This skill does not assess, discuss, or
+  make recommendations about potential security implications of issues. If you
+  believe an issue may have security implications, do not mention this in the
+  triage report. Security assessment is handled through separate processes.
 
 - **Do not guess area labels.** Always cross-reference with `docs/area-owners.md`.
 
diff --git a/.github/skills/performance-benchmark/SKILL.md b/.github/skills/performance-benchmark/SKILL.md
index 9e1b8f0bbf6a31..bfbe80312cc0a0 100644
--- a/.github/skills/performance-benchmark/SKILL.md
+++ b/.github/skills/performance-benchmark/SKILL.md
@@ -125,8 +125,6 @@ public class Bench
 
 Post a comment on the PR to trigger EgorBot with your benchmark. The general format is:
 
-> 📝 **AI-generated content disclosure:** When posting benchmark comments to GitHub under a user's credentials — i.e., the account is **not** a dedicated "copilot" or "bot" account/app — you **MUST** include a concise, visible note (e.g. a `> [!NOTE]` alert) indicating the content was AI/Copilot-generated. Skip this if the user explicitly asks you to omit it.
-
 @EgorBot [targets] [options] [BenchmarkDotNet args]
 
 ```cs