What it does
Agentic CI Headless Build Guard audits repository documentation and guidance for the six safety controls that matter before autonomous code agents run unattended in CI pipelines. It checks bounded permissions, human approval gates, audit evidence, rollback provision, headless/timeout limits, and secret boundary handling — and returns a structured READY or BLOCKED verdict with per-control coverage detail and recommendations.
Read-only. Stdlib-only. No CI execution, shell commands, git operations, network calls, or file mutation. Safe to run pre-commit or as a pipeline gate before granting agents autonomous push rights.
Use cases
- Lightweight pre-flight for teams enabling agentic CI (Codex, Claude Code, Cursor, Gemini pipelines) before autonomous commits are allowed.
- Evidence artefact for DevSecOps and platform review gates before autonomous push rights are granted to AI agents.
- Governance check for teams standardising agent safety controls across multiple repositories and CI environments.
Six controls checked
- Bounded permissions — agent's CI role is scoped, not admin
- Human approval gate — at least one human review required before merge
- Audit evidence — agent actions are logged and attributable
- Rollback provision — documented path to revert agent changes
- Headless limits — timeouts and scope limits on autonomous runs
- Secret boundary handling — secrets not passed to agents in plaintext
Example usage
python3 scripts/ci_build_guard.py --repo /path/to/repo --json
python3 scripts/ci_build_guard.py --self-test --json
Example output
{
"ok": true,
"status": "READY",
"controls_checked": 6,
"controls_passed": 6,
"findings": [],
"recommendations": [],
"mutated_files": []
}
Requirements
- Python 3.10+ recommended; scripts use Python standard library only
- No API keys, model credentials, network access, or third-party packages required
- OpenClaw workspace with local file access to the repository being reviewed
QA and security
This skill has been reviewed and cleared for release through the GetAgentIQ release pipeline with Viper QA (4/4 scenarios PASS) and Warlock security sign-off (2026-05-29). Stdlib-only, read-only repo inspection — no CI execution, no shell commands, no network calls, no config or cron mutation, mutated_files: [] hardcoded in all outputs.