Identifies the agent and action
A scoped agent key ties the request to a named agent. The check includes the tool, action, environment, session, input, and other context your integration provides.
Loading VibeLint...
VibeLint evaluates a structured tool call against agent identity, policy rules, risk context, and approval requirements, then returns allow, block, or require-approval before sensitive work runs.
3
policy decisions
0–100
action risk score
Human
approval option
What it does
Agent control governs the action around the model. Your runtime asks VibeLint for a decision before it calls a tool, changes data, writes a file, sends a message, moves money, or affects production.
A scoped agent key ties the request to a named agent. The check includes the tool, action, environment, session, input, and other context your integration provides.
VibeLint matches tool and action patterns, evaluates conditions, and scores factors such as production targets, destructive verbs, blast radius, money movement, rollback availability, and action history.
Safe work can continue, dangerous work can stop, and sensitive work can wait for a human approval. Observe, enforce, and strict modes let teams introduce control deliberately.
Example: an automation requests a refund
Before calling the payment provider, the agent asks VibeLint whether it may refund a charge. The amount and production context match an approval rule, so execution pauses.
Example use cases
External communication
Place a check before an agent emails a customer, posts publicly, or sends a high-impact notification.
Workflow automation
Add an HTTP permission step before CRM updates, bookings, job triggers, payment actions, or other SaaS calls.
Production operations
Require approval for database migrations, auth changes, destructive shell commands, releases, or production writes.
VibeLint can make and record a permission decision, but the agent runtime must call the check before execution and honor the response. If an agent still holds the real provider credential and can bypass that integration, VibeLint is not an unbypassable execution gateway.
One connected security loop
Code checks, permission decisions, approvals, and action evidence work best together—before, during, and after an agent action.