DEV Community

How I Built agent-pr-firewall: A GitHub App PR Governance Check

AI-assisted coding increased risky PR patterns in my workflow. I built agent-pr-firewall to enforce one required governance check before merge, with policy-based pass/warn/block decisions.

Why CI alone was not enough

  1. The policy model (pass/warn/block)
  2. GitHub App webhook architecture
  3. Policies that matter in practice
  4. Branch protection as the enforcement point
  5. Observability and failure handling
  6. Lessons learned and next steps
