Telling a coding agent "do not push to main" is useful.
It is not enough.
Branch policy has to be a runtime boundary.
For agent-driven coding workflows, I want the runner to know and record:
- current branch
- protected branches
- allowed git commands
- whether commits are allowed
- whether push is allowed
- whether a human approved the action
- diff scope
- files touched
- commit hash
- rollback path
If an agent violates policy, the interesting question is not only "what did the instructions say?"
It is: which runtime boundary allowed the action?
This is the type of operating surface we want in Armorer: agents as supervised jobs with visible state and controls.
https://github.com/ArmorerLabs/Armorer
And for higher-risk actions, Armorer Guard should leave a compact decision receipt.
https://github.com/ArmorerLabs/Armorer-Guard
Instructions are documentation. Runtime boundaries are control.
Top comments (0)