DEV Community: Ramanpreet Singh The latest articles on DEV Community by Ramanpreet Singh (@ramanpreet_singh_701cac53). https://dev.to/ramanpreet_singh_701cac53 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3914665%2F8a68048b-2bdd-4bf6-8e10-dc36524f1e1d.jpg DEV Community: Ramanpreet Singh https://dev.to/ramanpreet_singh_701cac53 en I built a tiny CI tool to keep AI agent configs from drifting in my repo Ramanpreet Singh Tue, 05 May 2026 20:11:46 +0000 https://dev.to/ramanpreet_singh_701cac53/i-built-a-tiny-ci-tool-to-keep-ai-agent-configs-from-drifting-in-my-repo-4lod https://dev.to/ramanpreet_singh_701cac53/i-built-a-tiny-ci-tool-to-keep-ai-agent-configs-from-drifting-in-my-repo-4lod <p>If your team uses AI coding agents on real code, you've probably hit this:</p> <p>The rules your agents are supposed to follow — what tools they're allowed to use, who can call who, when something should escalate — live in scattered prompts, READMEs, and Notion docs. Nothing in your CI pipeline fails when reality drifts from those documents.</p> <p>So I made a small thing.</p> <h2> What it does </h2> <p>It turns the rules into YAML that lives in your repo:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># .agent-ops/registry/tool-acl.yaml</span> <span class="na">backend-builder</span><span class="pi">:</span> <span class="na">tools</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">repo_read</span> <span class="pi">-</span> <span class="s">repo_write_backend</span> <span class="pi">-</span> <span class="s">run_backend_tests</span> <span class="na">security-reviewer</span><span class="pi">:</span> <span class="na">tools</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">repo_read</span> <span class="pi">-</span> <span class="s">dependency_scan</span> <span class="na">blocked_tools</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">direct_email_send</span> <span class="pi">-</span> <span class="s">production_delete</span> </code></pre> </div> <p>A Python validator fails CI when:</p> <ul> <li>An agent declares a tool the ACL doesn't grant</li> <li>An agent calls another agent not in the call graph</li> <li>A sensitive action (email send, deploy, external post) is missing required evidence fields</li> </ul> <p>There's also a ~100-line Python module you can import into your own agent runner to enforce the same rules at runtime, before tools execute:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">agent_ops_guard</span> <span class="kn">import</span> <span class="n">AgentOpsGuard</span> <span class="n">guard</span> <span class="o">=</span> <span class="nc">AgentOpsGuard</span><span class="p">(</span><span class="sh">"</span><span class="s">.</span><span class="sh">"</span><span class="p">)</span> <span class="n">guard</span><span class="p">.</span><span class="nf">assert_tool_allowed</span><span class="p">(</span><span class="sh">"</span><span class="s">backend-builder</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">repo_read</span><span class="sh">"</span><span class="p">)</span> <span class="n">guard</span><span class="p">.</span><span class="nf">assert_call_allowed</span><span class="p">(</span><span class="sh">"</span><span class="s">orchestrator</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">backend-builder</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <p>If a check fails it raises <code>PolicyDenied</code> and your runner blocks the action before it happens.</p> <h2> Try it in 5 minutes </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/RPSingh1990/agent-contract-tests <span class="nb">cd </span>agent-contract-tests python3 scripts/agent_ops_validate.py <span class="nt">--strict</span> </code></pre> </div> <p>That runs the validator against the included example. Pure Python, no dependencies.</p> <p>To drop the starter files into your own repo:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>python3 scripts/agent_ops_init.py <span class="nt">--target</span> /path/to/your-repo </code></pre> </div> <h2> What this isn't </h2> <p>Being honest about scope:</p> <ul> <li>Not an agent framework — AutoGen, CrewAI, and LangGraph already do orchestration</li> <li>Not a sandbox — these are repo-level contracts, not process isolation</li> <li>Not an LLM eval suite — Promptfoo, DeepEval, and Inspect already do that</li> </ul> <p>It's a small contract-test layer, narrow on purpose.</p> <h2> What I'm looking for </h2> <p>Single author, MIT, days old. The questions I actually have:</p> <ul> <li>Does the YAML shape match how teams structure agent rules in practice, or is the abstraction wrong?</li> <li>Are any of the checks process-for-process's-sake?</li> <li>What drift have you seen that this wouldn't catch?</li> </ul> <p>Repo: <a href="https://github.com/RPSingh1990/agent-contract-tests" rel="noopener noreferrer">https://github.com/RPSingh1990/agent-contract-tests</a></p> <p>Issues and PRs welcome. So is "this is wrong because..."</p> ai python opensource devops