AI Code Governance
Policy, review, and audit primitives for AI-generated code in production.
AI Coding Tool Categories and Governance
A taxonomy of AI coding tools — from LLM APIs to autonomous agents — with risk levels, governance requirements, and maturity models.
AI Coding Tools and Open Source License Risk: What Your Legal Team Needs to Know
How autonomous agents generate copyleft code without attribution, exposing organizations to license contamination and legal liability.
How to Tag and Track AI-Generated Code in Git
Implementation strategies for marking agent-authored commits with cryptographically verifiable metadata for audit compliance.
Building an AI Code Review Gate in Your CI/CD Pipeline
Automated enforcement policies for agent-authored code with risk-based approval workflows and escalation paths.
Skills, Files, and Permissions: A Working Threat Model for AI Coding Agents
What coding agents can and can't do, the permission models that govern agent file access, and how to set boundaries that don't break the agent's usefulness.
Setting Up a Secure Local Claude Code Development Environment
A four-layer hardening playbook for Claude Code on a developer laptop — workspace isolation, secret hygiene, permission discipline, and network egress control. Practical, opinionated, copy-pasteable.