New deterministic control plane secures LLM coding agents
Research finds 10.1% of agent configs are duplicated across GitHub repos
Computer science researcher Padmaraj Madatha has published an arXiv paper proposing Rel(AI)Build, a deterministic control plane designed to impose structure on the largely unmanaged configuration layer of LLM coding agents. The paper analyzes 10,008 GitHub repositories (containing 6,145 agent config files) and finds concerning patterns: 10.1% of tracked agent paths are exact SHA-256 duplicates across independent repositories, while only 1% declare permission boundaries compared to 33% in GitHub Actions workflows.
Rel(AI)Build introduces a governance layer that treats agent definitions as a managed supply chain, using content addressing, cryptographic lockfiles, and hash-chained audit logs. It enforces tiered permissions before LLM invocation, gates development through a phase state machine with traceability, compiles to seven IDE targets, and detects prompt drift via Jaccard similarity. While conformance tests confirm the mechanisms enforce stated invariants, developer outcomes remain future work.
- Analysis of 10,008 GitHub repos found 10.1% of agent configs are SHA-256 duplicates across organizations
- Rel(AI)Build uses SHA-256 content addressing, HMAC-stamped lockfiles, and hash-chained audit logs for agent definition governance
- System enforces tiered permissions before LLM invocation and detects prompt drift via Jaccard similarity
Why It Matters
Provides critical governance for unmanaged LLM agent configurations, reducing security risks in automated coding workflows.