Developer Tools●●●Banger
Handler – Open-source local sandboxes and control plane for code agents
Firecracker microVMs isolate coding agents so you can review before merging.
SlickSolve My Problem
shake-n-fries
201mo ago
Back to browse
GitHub Repository
agentctl is a focused v1 control layer for coding agents. It gates a small set of high-risk actions, records structured traces for every decision, and replays prior sessions against a different policy.
7 starsGo
Agentctl, a local control plane for coding agents
by chocks·May 8, 2026·3 points·0 comments
AI Analysis
●●●BangerSolve My ProblemDark Horse
Replaying past sessions against stricter policies beats guessing rules before you know the risks.
Strengths
- •Session replay feature lets you tighten policy retroactively without re-running the agent.
- •Local-first design with no HTTP server ensures traces and policies stay entirely on-device.
- •Structured JSONL traces enable grep-friendly auditing of every gated decision.
Weaknesses
- •Relies on agents supporting specific hooks or MCP protocols for interception.
- •Narrow scope excludes complex workflow orchestration beyond simple action gating.
Category
Target Audience
Developers using autonomous coding agents like Claude Code or Codex
Similar To
ShieldedAI · LLM Guard
Post Description
I’ve been building agentctl, a small Go tool that sits between coding agents and the risky actions they want to take: package installs, shell execution, secret access, file writes, outbound API calls.
The design is deliberately narrow and local-first. No HTTP server, no hosted component, no repo-level config sprawl. Everything lives under ~/.agentctl/. Policy is yours, traces are yours.
The workflow I keep coming back to: write a permissive policy, let the agent run for a week, then tighten the rules and replay the old sessions to see what would have been blocked. Much better than guessing at policy upfront, and it’s the part of the tool I didn’t expect to use as much as I do.
Every gated decision gets written to jsonl, so you can grep, diff, or feed traces back through a stricter policy without re-running the agent. There’s also a TUI for browsing sessions, inspecting individual gate decisions, and stepping through replays interactively, which makes it easier to spot patterns across runs.
Currently works with Claude Code and MCP-based clients like Codex.
Still a WIP and mostly a project for myself, but figured others experimenting with coding agents might find it interesting.
Similar Projects
Developer Tools●●Solid
Armorer – A secure local control plane for AI agents
Agents install their own sandbox via Docker, solving the dependency hell problem.
Ship ItSolve My Problem
cristianleo
4127d ago
Developer Tools●●●Banger
OpenRig – a control plane for multi-agent coding topologies
Terraform for agent fleets solves the terminal sprawl problem nobody else addressed.
Big BrainZero to OneSolve My Problem
mschwarz
5812d ago
Developer Tools●●Solid
Feature release system with MCP agent controls
MCP integration for feature flags is timely, but LaunchDarkly owns this category.
Bold BetSlick
jsonstcyr
201mo ago
Developer Tools●●Solid
Armorer – A secure local control plane to sandbox AI agents in Docker
Docker sandboxing for agents when most runners just trust whatever the LLM outputs.
Ship ItNiche Gem
cristianleo
3225d ago
Infrastructure●●Solid
Recursant, a mesh-based control plane for AI agents
Istio-style sidecars for AI agents solving enterprise compliance gaps.
Big BrainSolve My Problem
hestefisk
3022d ago