Intent-Based Access Control(IBAC) for Coding Agents

The rapid adoption of AI‑driven coding agents has transformed how organizations automate tasks, from onboarding scripts in HR to content pipelines in marketing. While these agents boost productivity, they also introduce a novel attack surface: natural‑language prompts that can be interpreted differently across roles, potentially triggering destructive operations. Traditional role‑based or attribute‑based access controls were designed for GUI interactions and lack the semantic awareness needed to safely govern autonomous agents.

Agentctl addresses this gap with a four‑step IBAC workflow: intercepting prompts, classifying intent via LLM or NLP parsers, mapping the intent‑resource pair to a machine‑readable Cedar policy, and enforcing decisions at runtime. Its adapter pattern abstracts the quirks of each runtime—Claude Code’s read/write tools, OpenClaw’s code_read/write, Gemini CLI’s file operations—into a unified action taxonomy. By centralizing policy management, organizations can define granular rules based on identity, environment, resource, and even time, while the --show-intent flag offers transparent preview of how prompts translate into enforceable actions.

For enterprises, the benefits are tangible. A single policy file eliminates fragmented rule sets, reducing compliance overhead for standards like HIPAA, SOC 2, and PCI‑DSS. The consistent JSONL audit log creates a forensic‑ready trail, linking each agent, tool, and decision for rapid incident response. Since the project is open‑source on GitHub, teams can quickly integrate IBAC into existing pipelines, accelerating secure AI adoption without reinventing governance frameworks.