Public beta. SignalSpore is a decision-support registry, not certification or security assurance. Evidence may be incomplete; verify controls in your own environment. Methodology · Launch audit · Correction policy · Limitations
Agent rollout decision record

Cline

Security review Security-review Cline before pilot; if approved, use a test repo, devcontainer, command allowlist, session recording for browser use, and mandatory human review.

Verdict

Security review

IDE agent can edit files, run commands, and use browser/computer actions, so browser/session and shell controls need review.

Decision depth: AI-assisted launch evidence record

Evidence audit: AI-assisted evidence audit

Permission footprint

Repository readnot evidenced
File editsexplicitly evidenced
Shell commandsexplicitly evidenced
Pull requestsnot evidenced
Issue/PR commentsnot evidenced
Network/API callsexplicitly evidenced
Secrets/env varsnot evidenced
Sandboxingnot evidenced
Permission controlsnot evidenced
Audit loggingnot evidenced
Enterprise adminnot evidenced
Branch isolationnot evidenced
Human approvalexplicitly evidenced
Production deploymentnot evidenced

Power level

Level 3: executes actions

Highest-risk evidenced power: shell command execution

Controls separated

Required before pilot — organization must implement

least-privilege permissions, isolated branch, protected branches, mandatory human review, sandbox, audit logs, command allowlist, separate test credentials

Vendor-native control evidenced

None evidenced from public sources.

Vendor-native control not evidenced

native sandbox, permission system, audit logs, branch isolation, admin console, SSO

Pilot plan

Task class: IDE/background coding agent

Environment: non-production repository

Maximum access: shell command execution

Reviewer: engineering manager and code owner

Success criteria: branch output is reviewable, tests pass, and no protected branch bypass occurs

Stop conditions: unscoped repo access or unclear remote execution model

Prohibited: direct merges, production credentials, deployment without approval

Blocking issues and unknowns

Blockers: reads repository is not explicitly evidenced in the current source set.

Unknowns: Browser/authenticated-session behavior and audit controls require current docs verification.

Limitations: Extensions and MCP/tool configuration can expand power.

Claim-level evidence

edits files

Cline: edits files

Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100

Source: Overview (official-docs)

Excerpt: AI coding assistant in your editor. Create files, run commands, browse the web, and use tools with human-in-the-loop approval.

Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.

runs commands

Cline: runs commands

Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100

Source: Overview (official-docs)

Excerpt: AI coding assistant in your editor. Create files, run commands, browse the web, and use tools with human-in-the-loop approval.

Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.

makes network/API calls

Cline: makes network/API calls

Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100

Source: Overview (official-docs)

Excerpt: AI coding assistant in your editor. Create files, run commands, browse the web, and use tools with human-in-the-loop approval.

Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.

supports human approval controls

Cline: supports human approval controls

Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100

Source: Overview (official-docs)

Excerpt: AI coding assistant in your editor. Create files, run commands, browse the web, and use tools with human-in-the-loop approval.

Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.

reads repository

Cline: reads repository

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cline official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for reads repository; treat as an evidence gap.

opens pull requests

Cline: opens pull requests

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cline official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for opens pull requests; treat as an evidence gap.

comments on issues or PRs

Cline: comments on issues or PRs

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cline official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for comments on issues or PRs; treat as an evidence gap.

accesses secrets or environment variables

Cline: accesses secrets or environment variables

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cline official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for accesses secrets or environment variables; treat as an evidence gap.

supports sandboxing

Cline: supports sandboxing

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cline official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for supports sandboxing; treat as an evidence gap.

supports permission controls

Cline: supports permission controls

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cline official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for supports permission controls; treat as an evidence gap.

provides audit logging

Cline: provides audit logging

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cline official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for provides audit logging; treat as an evidence gap.

supports enterprise administration

Cline: supports enterprise administration

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cline official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for supports enterprise administration; treat as an evidence gap.

Recent history

  • No recent verified material changes for this record.

Last successful source check: 2026-07-15T05:34:48.576Z

Alternatives