WORKTREE LABS

SECURE DEVELOPMENT PLATFORM

Guardrails and skills for AI coding agents.

[for Agents]

The plugin we build alongside our consulting practice. Supply-chain policy and attributed permissions that keep you safe from potentially destructive actions, plus hand-crafted skills for AI-enabled software development. New commands and hooks ship every month.

WHY SDP

Agents are shipping code. Nothing is watching the supply chain.

AI coding agents install dependencies, run shell commands, and rewrite files faster than any human review can keep up with. Most pipelines still give them the same permissions as a human. One silent pnpm install, one quiet curl | sh, and a takeover package or unattributed permission is already inside the repo. SDP closes that gap. It surfaces what the agent is about to do, explains the risk, and gates the call when policy says no. The same plugin ships hand-crafted skills for AI-enabled software development, so guardrails and toolbox arrive in one install.

THREE PILLARS

Surface. Explain. Gate.

Supply-chain policy

Trust-aware installs that refuse to silently accept packages whose maintainer or signing posture has degraded since they were pinned. Takeovers and lost provenance surface as errors with context, not warnings buried in a log.

Hooks that block drift

Pre-edit, pre-bash, and pre-commit hooks enforce the rules that matter for your repo: banned imports, secrets in diffs, file ownership boundaries. The agent gets a real explanation; nothing slips through on a silent retry.

Attributed permissions

Every elevated permission carries an audit trail: who granted it, when, and scoped to what. No one-click "yes and don't ask again" that quietly carries into the next session or the next teammate.

CAUGHT IN THE WILD

Two recent catches, unedited.

#01 LOCKFILE INSTALL
 Bash(pnpm install 2>&1)
Error: Exit code 1
     ? Verifying lockfile against supply-chain policies (424 entries)...
 ✗ Lockfile failed supply-chain policy check (424 entries in 3.9s)
 [ERR_PNPM_TRUST_DOWNGRADE] 3 lockfile entries failed verification:
 eslint-import-resolver-typescript@3.10.1 High-risk trust downgrade
 semver@6.3.1 High-risk trust downgrade
 undici-types@6.21.0 High-risk trust downgrade

     The lockfile contains entries that the active policies reject. Inspect
     recent changes to pnpm-lock.yaml before trusting it. If expected, run
     "pnpm clean --lockfile" and then "pnpm install" to rebuild from a fresh
     resolution. Alternatively, relax the policy that flagged them.

 Three more packages flagged by trustPolicy: no-downgrade, all legitimate
 transitive deps, but the pinned versions show maintainer/signing changes
 since they were pinned. Safe fix per the error: regenerate the lockfile.

 Bash(npm view ... maintainers)
 ⎿ Waiting…

────────────────────────────────────────────────────────
 Bash command

 npm view eslint-import-resolver-typescript@3.10.1 maintainers; \
 npm view semver@6.3.1 maintainers; \
 npm view undici-types@6.21.0 maintainers
 Check maintainers for the three flagged packages

 Do you want to proceed?
 ❯ 1. Yes
   2. Yes, and don't ask again for: npm view *
   3. No
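One way to express the no-downgrade check that fired in the catch above, as an added example that is not SDP's own code: each lockfile entry's current registry posture is compared with the trust snapshot recorded when it was pinned, and any lost guarantee fails the install. The snapshot format, the maintainer names and the `unchanged-pkg` / `unpinned-pkg` entries are constructed; the three flagged package versions are the ones from the transcript.

```javascript
// Added illustration of a "no-downgrade" trust policy (not SDP's own code): a
// lockfile entry fails when the package's current registry posture is weaker
// than the snapshot recorded when the version was pinned. Sample data is constructed.
const pinnedTrust = { // posture recorded at pin time
  "semver@6.3.1":                             { maintainers: ["alice"], provenance: true },
  "undici-types@6.21.0":                      { maintainers: ["bob"],   provenance: true },
  "eslint-import-resolver-typescript@3.10.1": { maintainers: ["carol"], provenance: false },
  "unchanged-pkg@1.0.0":                      { maintainers: ["dave"],  provenance: false },
};
const currentTrust = { // what the registry reports now (e.g. `npm view <pkg> maintainers`)
  "semver@6.3.1":                             { maintainers: ["alice", "new-account"], provenance: true }, // maintainer added
  "undici-types@6.21.0":                      { maintainers: ["bob"],   provenance: false },               // attestation gone
  "eslint-import-resolver-typescript@3.10.1": { maintainers: ["erin"],  provenance: false },               // ownership moved
  "unchanged-pkg@1.0.0":                      { maintainers: ["dave"],  provenance: false },               // no change
};

// Compare one entry. Returns null when posture is unchanged or stronger, else a
// reason string. Gaining provenance is not a downgrade; losing any guarantee is.
function classifyDowngrade(pinned, current) {
  const reasons = [];
  const added = current.maintainers.filter((m) => !pinned.maintainers.includes(m));
  const removed = pinned.maintainers.filter((m) => !current.maintainers.includes(m));
  if (added.length) reasons.push(`new maintainer(s): ${added.join(", ")}`);
  if (removed.length) reasons.push(`maintainer(s) removed: ${removed.join(", ")}`);
  if (pinned.provenance && !current.provenance) reasons.push("provenance attestation lost");
  return reasons.length ? reasons.join("; ") : null;
}

// Verify every lockfile entry. Entries with no recorded snapshot fail closed.
function verifyLockfile(entries, pinned, current) {
  const failures = [];
  for (const entry of entries) {
    if (!pinned[entry] || !current[entry]) {
      failures.push({ entry, reason: "no trust snapshot recorded" });
      continue;
    }
    const reason = classifyDowngrade(pinned[entry], current[entry]);
    if (reason) failures.push({ entry, reason });
  }
  return { ok: failures.length === 0, failures };
}
// Render the result as a pre-bash hook would show it: an error with context.
function formatReport(result) {
  if (result.ok) return "Lockfile passed supply-chain policy check";
  const lines = result.failures.map((f) => `  ${f.entry}  High-risk trust downgrade (${f.reason})`);
  return [`${result.failures.length} lockfile entries failed verification:`, ...lines].join("\n");
}
const lockfileEntries = [...Object.keys(currentTrust), "unpinned-pkg@1.0.0"]; // constructed lockfile
console.log(formatReport(verifyLockfile(lockfileEntries, pinnedTrust, currentTrust)));
```

A hook wiring this in would block the `pnpm install` call whenever `ok` is false and hand the agent the report text instead of a bare exit code.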

SKILLS

Skills that ship in the same plugin.

SDP isn't only guardrails. The same plugin carries hand-crafted skills for AI-enabled software development. Three new ones just landed in v0.2.0, with more in every release.

Prompt context engineering

/wtlabs:improve-prompt rewrites a raw ask into a context-engineered prompt. It analyzes intent, structures the message into clear sections, and reaches for examples over rules. The agent gets a brief it can actually act on.

Read-only Kubernetes debugging

/wtlabs:debug-k8s gathers diagnostics through kubectl, flux, helm, istioctl, and cmctl, then writes a structured root-cause report. Nothing mutates the cluster. You get the analysis without giving the agent a knife.

Per-worktree workspace coloring

/wtlabs:theme picks a color palette and writes the worktree's VS Code workspace file. Multiple agent sessions across worktrees stay visually distinct, so you don't paste into the wrong window.

SHIPPING CADENCE

A lot more lands every month.

We rely on the Secure Development Platform to build our own consulting tools. Every new pattern we hit in client engagements becomes a policy, a hook, or a skill that ships back into the platform. Below is what is live today and what is coming next.

TODAY

  • Trust-policy pnpm installs (no-downgrade by default)
  • Versioned permission template installer
  • Permission inventory by scope
  • Allowlist auto-tuning from transcripts
  • Prompt context-engineering rewrite
  • Read-only Kubernetes root-cause reports
  • Per-worktree VS Code workspace theming

ON DECK

  • Hook bundles for common drift patterns
  • Attribution audit log + SIEM export
  • Multi-repo policy distribution
  • Org-wide trust posture dashboard

Run SDP in your environment.

REQUEST A DEMO