Port model field for CustomAgentConfig from reference implementation

Adds a 'model' field to CustomAgentConfig allowing agents to specify
a preferred model (e.g., 'claude-haiku-4.5'). When set, the runtime will
attempt to use this model for the agent, falling back to the parent
session model if unavailable.

Reference: d0eb531 feat: add model field to CustomAgentConfig across all SDKs (#1309)

Co-authored-by: edburns <75821+edburns@users.noreply.github.com>

Author: Copilot

src/main/java/com/github/copilot/sdk/json/CustomAgentConfig.java

@@ -60,6 +60,9 @@ public class CustomAgentConfig {
     @JsonProperty("skills")
     private List<String> skills;
 
+    @JsonProperty("model")
+    private String model;
+
     /**
      * Gets the unique identifier name for this agent.
      *
@@ -255,4 +258,29 @@ public CustomAgentConfig setSkills(List<String> skills) {
         this.skills = skills;
         return this;
     }
+
+    /**
+     * Gets the model identifier for this agent.
+     *
+     * @return the model identifier (e.g., "claude-haiku-4.5"), or {@code null} if
+     *         not set
+     */
+    public String getModel() {
+        return model;
+    }
+
+    /**
+     * Sets the model identifier for this agent.
+     * <p>
+     * When set, the runtime will attempt to use this model for the agent, falling
+     * back to the parent session model if unavailable.
+     *
+     * @param model
+     *            the model identifier (e.g., "claude-haiku-4.5")
+     * @return this config for method chaining
+     */
+    public CustomAgentConfig setModel(String model) {
+        this.model = model;
+        return this;
+    }
 }

src/test/java/com/github/copilot/sdk/PermissionsTest.java

@@ -112,6 +112,17 @@ void testDenyPermission(TestInfo testInfo) throws Exception {
         try (CopilotClient client = ctx.createClient()) {
             CopilotSession session = client.createSession(config).get();
 
+            // Regression check for https://github.com/github/copilot-sdk/issues/1194:
+            // the reject decision must round-trip through the CLI with its discriminator
+            // intact so the agent surfaces the user-rejected error to the model.
+            final boolean[] userRejectedToolCall = {false};
+            session.on(ToolExecutionCompleteEvent.class, evt -> {
+                if (!evt.getData().success() && evt.getData().error() != null && evt.getData().error().message() != null
+                        && evt.getData().error().message().toLowerCase().contains("user rejected")) {
+                    userRejectedToolCall[0] = true;
+                }
+            });
+
             String originalContent = "protected content";
             Path testFile = ctx.getWorkDir().resolve("protected.txt");
             Files.writeString(testFile, originalContent);
@@ -120,6 +131,9 @@ void testDenyPermission(TestInfo testInfo) throws Exception {
                     new MessageOptions().setPrompt("Edit protected.txt and replace 'protected' with 'hacked'."))
                     .get(60, TimeUnit.SECONDS);
 
+            assertTrue(userRejectedToolCall[0],
+                    "Expected a tool.execution_complete event whose error indicates the user rejected the call.");
+
             // Verify the file was NOT modified
             String content = Files.readString(testFile);
             assertEquals(originalContent, content, "File should not have been modified");