Software teams

Coding agents that ship,
inside change control

Platform teams use govern.sh to let coding agents open PRs, run CI, and deploy — with repo access scoped to branches, production gated behind on-call approval, and every merge carrying its own change-management evidence.

The problem

Where autonomy breaks down today

01

Bot PATs with org-wide write

The token behind most coding agents can push to any repo in the org, including the ones it has no business touching. Rotation is manual and scope review never happens.

02

Agent commits blur accountability

When agent and human commits share a bot account, git blame stops answering the only question that matters during an incident: what changed this, and who or what decided to.

03

Autonomous deploys fail the audit

SOC 2 change management wants documented approval per production change. An agent that deploys on green CI produces exactly none of that — until the auditor asks.

A day in the life

From bug report to production, gated

Overnight, patch-agent picks up a triaged null-pointer bug in the billing service and carries the fix all the way to a deploy — with two checkpoints.

patch-agent
Fixes triaged bugs and shepherds them to production
01

patch-agent signs its own commits

Passport

Working under its own passport rather than a shared bot account, its commits and PRs are attributable to a specific agent identity and the run that produced them.

agent: patch-agent · commits signed · run #4471 linked
02

Repo write is scoped to its branch

Policy

repo-guardrail allows pushes to fix/* branches on the billing service only. An attempted push to main — or to any other repo — is denied before it reaches the remote.

git.push refs/heads/fix/npe-billing → allow · main → deny
03

CI passes, and the deploy request holds

Policy

Tests are green and the PR is mergeable, but production deploys are approval-required by policy regardless of who — or what — requests them.

deploy.production · billing-svc → require_approval: on-call
04

The on-call engineer approves the release

Approval

Sofia reviews the diff summary, the test results, and the rollback plan in the approval card, and signs off. The deploy proceeds with her name on it.

approved_by: sofia.r (on-call) · change window: ok
05

The change record writes itself

Receipt

A signed receipt links the commit range, CI run, approver, and deploy — chained into the trail and attached to the PR. That is the change-management evidence, already assembled.

rcp_77e0…b2ac · commit 8d41f2e…e09a1c · deploy #9124
What govern.sh adds

Guardrails that feel like good tooling

Scope, gate, and record agent activity across repos, CI, and deploy targets — without slowing the loop your engineers actually like.

Branch-scoped repo access

Allow pushes by ref pattern and repository. Coding agents get room to work in their branches and a hard wall everywhere else.

Deploy gates by environment

Staging flows at machine speed; production requires the on-call's approval. The distinction lives in policy, not in each agent's prompt.

Attributable agent commits

Passport-signed commits mean git blame, incident reviews, and dashboards distinguish every agent from every human, permanently.

Evidence per change, not per audit

Each production change carries a receipt linking code, tests, approval, and deployment — collected continuously instead of reconstructed annually.

payments-guardrail.yml
1policy: payments-guardrail
2applies_to: refund-agent
3rules:
4 - action: stripe.refund
5 max_amount: $500
6 require_approval: amount > $250
7 - action: db.write
8 scope: orders.refunds only
9audit: signed_receipt(ed25519)
−47%
Mean time from triaged bug to production fix
100%
Production deploys with recorded approval
3 wks → 0
Change-evidence prep before SOC 2 audits

Representative outcomes reported by govern.sh customers in software teams.

SOC 2

Change management, continuously satisfied

SOC 2 CC8.1 expects authorized, documented, and tested changes. With govern.sh, every agent-driven production change carries a signed receipt binding the commit, the CI result, and the human approval into one verifiable record — so the evidence for your Type II observation window accumulates as a side effect of shipping.

The blocker was never whether the agent could write the fix — it was whether I could put an autonomous deploy in front of our auditor. Now every agent release has a better paper trail than our human ones did last year.
Ravi Menon
Staff Platform Engineer, Attico Labs

Put a verified agent to work in software teams.

Mint a passport, attach a policy, and watch the first signed receipt land — free for your first three agents.