We Gave an Agent Production Code Access and Then Tried to Sleep at Night

Official Schedule Context

Official Description

We let an agent touch production code to fix CVEs. That is either automation or a supply chain

incident, depending on how honest your architecture is. PatchPilot started simple: find vulnerable

dependencies, patch them, open a PR, let CI prove the fix, move on. Then reality showed up. The

agent needed repository access, CI logs, credentials, and a Docker socket. Without that, it was

useless. With it, every security reviewer in the room had a point. This is the production case

study: what we gave the agent, what we refused, what infosec pushed back on, and where they were

right. We will cover scoped permissions, constrained PRs, audit trails, approval gates, CI evidence,

credential boundaries, and the gap between "it generated a patch" and "we can defend this change."

Agentic remediation is not just developer productivity. It is a new participant in your software

supply chain.

Related YouTube Video

No related AI Engineer channel video found yet.

Transcript Status

No official session recording transcript was found by exact title match on the AI Engineer YouTube channel during this run.

People

Notes