Verdict
Security review
IDE agent can edit files, run commands, and use browser/computer actions, so browser/session and shell controls need review.
Decision depth: AI-assisted launch evidence record
Evidence audit: AI-assisted evidence audit
Security review Security-review Cline before pilot; if approved, use a test repo, devcontainer, command allowlist, session recording for browser use, and mandatory human review.
Security review
IDE agent can edit files, run commands, and use browser/computer actions, so browser/session and shell controls need review.
Decision depth: AI-assisted launch evidence record
Evidence audit: AI-assisted evidence audit
Level 3: executes actions
Highest-risk evidenced power: shell command execution
least-privilege permissions, isolated branch, protected branches, mandatory human review, sandbox, audit logs, command allowlist, separate test credentials
None evidenced from public sources.
native sandbox, permission system, audit logs, branch isolation, admin console, SSO
Task class: IDE/background coding agent
Environment: non-production repository
Maximum access: shell command execution
Reviewer: engineering manager and code owner
Success criteria: branch output is reviewable, tests pass, and no protected branch bypass occurs
Stop conditions: unscoped repo access or unclear remote execution model
Prohibited: direct merges, production credentials, deployment without approval
Blockers: reads repository is not explicitly evidenced in the current source set.
Unknowns: Browser/authenticated-session behavior and audit controls require current docs verification.
Limitations: Extensions and MCP/tool configuration can expand power.
Cline: edits files
Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100
Source: Overview (official-docs)
Excerpt: AI coding assistant in your editor. Create files, run commands, browse the web, and use tools with human-in-the-loop approval.
Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.
Cline: runs commands
Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100
Source: Overview (official-docs)
Excerpt: AI coding assistant in your editor. Create files, run commands, browse the web, and use tools with human-in-the-loop approval.
Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.
Cline: makes network/API calls
Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100
Source: Overview (official-docs)
Excerpt: AI coding assistant in your editor. Create files, run commands, browse the web, and use tools with human-in-the-loop approval.
Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.
Cline: supports human approval controls
Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100
Source: Overview (official-docs)
Excerpt: AI coding assistant in your editor. Create files, run commands, browse the web, and use tools with human-in-the-loop approval.
Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.
Cline: reads repository
Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100
Source: Cline official source set (official-docs)
Excerpt:
Limitations: No exact official-source excerpt was found for reads repository; treat as an evidence gap.
Cline: opens pull requests
Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100
Source: Cline official source set (official-docs)
Excerpt:
Limitations: No exact official-source excerpt was found for opens pull requests; treat as an evidence gap.
Cline: comments on issues or PRs
Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100
Source: Cline official source set (official-docs)
Excerpt:
Limitations: No exact official-source excerpt was found for comments on issues or PRs; treat as an evidence gap.
Cline: accesses secrets or environment variables
Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100
Source: Cline official source set (official-docs)
Excerpt:
Limitations: No exact official-source excerpt was found for accesses secrets or environment variables; treat as an evidence gap.
Cline: supports sandboxing
Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100
Source: Cline official source set (official-docs)
Excerpt:
Limitations: No exact official-source excerpt was found for supports sandboxing; treat as an evidence gap.
Cline: supports permission controls
Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100
Source: Cline official source set (official-docs)
Excerpt:
Limitations: No exact official-source excerpt was found for supports permission controls; treat as an evidence gap.
Cline: provides audit logging
Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100
Source: Cline official source set (official-docs)
Excerpt:
Limitations: No exact official-source excerpt was found for provides audit logging; treat as an evidence gap.
Cline: supports enterprise administration
Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100
Source: Cline official source set (official-docs)
Excerpt:
Limitations: No exact official-source excerpt was found for supports enterprise administration; treat as an evidence gap.
Last successful source check: 2026-07-15T05:34:48.576Z
Generate a receipt that inherits this record depth, unsupported claims, inferred claims, source health, and expiry.
Check this agent for your environment