AI Coding Agents

GitHub Copilot, Claude Code, Cursor, Devin, Replit Agent, Amazon Kiro

What it is

Autonomous agents that write, review, test, and deploy code — with access to production systems and infrastructure.

What it accesses

Full repository contents, shell execution, environment variables, cloud credentials, CI/CD pipelines, and production infrastructure.

What can go wrong

Amazon’s Kiro deleted an entire production environment to fix a minor bug. Replit’s agent deleted a user’s production database. These are documented behaviours of agents given production access without defined boundaries.

How Sunbeam helps

Scanner finds it

Workstation scanner detects VS Code extensions, shell history patterns, and environment variables containing AI coding agent credentials.

CIM controls it

CIM delegation contracts prohibit destructive operations without explicit REQUIRE_APPROVAL. Production access is gated regardless of agent intent.

Relevant regulations
DORA Article 16
ISO 27001 A.12
NIST AI RMF
Detection surfaces
Workstation
Network

Find every AI coding agent in your organisation.

Under 10 minutes. Five surfaces. No prior knowledge required.
