Use case
Govern AI coding agents before they touch code or data.
AI coding agents can read repos, create issues, open pull requests, inspect database schemas, run bounded reads, and propose writes. z-gateway routes those tool calls through runtime policy checks, approvals where needed, and session timelines.
The risk
| Agent capability | Governance risk |
|---|---|
| Repository reads | Agents can inspect sensitive code paths without a clear decision trail. |
| Issue creation | Poorly scoped agents can create noise or leak internal context. |
| Pull requests | Unsafe changes can be proposed or merged without runtime policy checks. |
| Branch writes | Protected branches need controls stronger than prompt instructions. |
| Database inspection | Agents can read schema and query data without durable governance if they bypass a runtime gateway. |
| Write proposals | High-risk data changes need risk scoring and approval before execution. |
| Destructive actions | Delete or force-write patterns should be blocked at the tool boundary. |
How z-gateway helps
Least-privilege tool access
Agents authenticate to z-gateway and only receive the connector behavior permitted by policy.
Runtime policy checks
Each requested tool call is evaluated before it reaches GitHub or Postgres.
Monitor to enforce rollout
Start by observing decisions, then enforce blocks as policies become trusted.
Audit logs
Every action has a decision trail and related calls are grouped into runtime sessions.
GitHub App permissions
Use repo-scoped GitHub App installation permissions instead of handing agents raw tokens.
Database approvals
Require approval for risky Postgres write proposals and keep compact surfaces free of raw SQL.
Production posture
Deny high-risk actions such as delete_repo or protected branch writes before execution.