Inspiration

Most AI code agents optimize for one thing: completing the task. But in enterprise environments, unchecked autonomy is a liability. Loop Sentinel was built on a simple principle: AI can think autonomously but should not act autonomously. Every iteration needs a boundary. Every decision needs a receipt.

What it does

Loop Sentinel generates, validates, and self-corrects code — but only within limits a human sets before the agent starts. A kill switch enforces a maximum loop count. A compliance engine scores code against security, accessibility, and structural checks in real time. When the limit fires, the agent stops and asks the human to decide. Every loop is logged and exportable as a Markdown governance report and JSON audit trail.
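The bounded loop described above, sketched as an added example (not Loop Sentinel's own code). The rule patterns, their category assignments, the status strings and `fake_agent` are assumptions for illustration; the three checks are the findings this page names.

```python
import json
import re
from datetime import datetime, timezone

# Illustrative rules only (assumed patterns and categories), not the project's 23 rules.
RULES = [
    ("security", "console-log", re.compile(r"\bconsole\.log\s*\(")),
    ("accessibility", "img-missing-alt", re.compile(r"<img\b(?![^>]*\balt\s*=)[^>]*>", re.I)),
    ("structure", "inline-style", re.compile(r"<[a-z][^>]*\sstyle\s*=", re.I)),
]

def scan(code):
    """Return one finding per rule that matches the candidate code."""
    return [{"category": c, "rule": r} for c, r, rx in RULES if rx.search(code)]

def governed_loop(generate, max_loops):
    """Call generate(iteration, findings) until the code is clean or the limit fires.

    The loop can never run more than max_loops times; when the limit is hit
    it stops and hands the decision back to a human.
    """
    if max_loops < 1:
        raise ValueError("max_loops must be set by a human to at least 1")
    audit, findings, code = [], [], ""
    for i in range(1, max_loops + 1):
        code = generate(i, findings)
        findings = scan(code)
        audit.append({
            "loop": i,
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "findings": findings,
            "score": round(1 - len(findings) / len(RULES), 2),
        })
        if not findings:
            return {"status": "passed", "code": code, "audit": audit}
    return {"status": "halted_needs_human", "code": code, "audit": audit}

# Constructed stand-in for the model: each draft fixes some earlier findings.
DRAFTS = [
    '<img src="a.png" style="width:9px"><script>console.log(1)</script>',
    '<img src="a.png" alt="logo" style="width:9px">',
    '<img src="a.png" alt="logo" class="icon">',
]

def fake_agent(iteration, findings):
    return DRAFTS[min(iteration, len(DRAFTS)) - 1]

if __name__ == "__main__":
    # With a limit of 2 the loop halts with one finding still open.
    print(json.dumps(governed_loop(fake_agent, max_loops=2)["audit"], indent=2))
```

The audit list serializes directly to JSON; token counts, which the project's trail also records, are left out here because no model is called.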

How we built it

Custom agent on the GitLab Duo Agent Platform using Anthropic Claude (default AI provider in the GitLab sandbox). Agent defined via YAML configuration with a governance-focused system prompt. Three specialized skills (governance-scan, kill-switch, audit-trail) defined as SKILL.md files. Multi-agent flow chains a compliance scanner into an audit reporter. 23 compliance rules across security, accessibility, and structure categories. All configuration is transparent and open source.

Challenges we ran into

Balancing agent autonomy with meaningful governance — too restrictive kills usefulness, too permissive defeats the purpose. Making compliance checks fast enough to run between iterations without breaking flow. Ensuring the kill switch negotiation feels like a feature, not an interruption.

Accomplishments that we're proud of

The agent generates clean code in 1-3 loops on most prompts. The audit trail captures every decision with timestamps, token counts, and error categories. The compliance engine catches real issues — console.log statements, missing alt tags, inline styles — without false positives. Built by a medical intern with zero formal CS background using a multi-AI orchestration methodology.

What we learned

Governance isn't overhead — it's the product. The kill switch isn't a safety net — it's the differentiator. The audit trail isn't a feature — it's proof that governance happened. Every enterprise deploying AI agents will eventually need bounded autonomy. The question is whether to build it in from the start or bolt it on after something goes wrong.

What's next for Loop Sentinel — Governed Code Agent for GitLab

Deep integration with GitLab CI/CD pipelines — triggering governance checks on merge requests, enforcing compliance before code reaches production. Multi-agent orchestration where specialized agents handle security, accessibility, and performance validation in parallel. Institutional licensing for enterprise teams that need auditable AI-assisted development workflows.

Built With

  • agent
  • anthropic-claude
  • ci/cd
  • duo
  • gitlab
  • markdown
  • yaml