Public beta. SignalSpore is a decision-support registry, not certification or security assurance. Evidence may be incomplete; verify controls in your own environment. Methodology · Launch audit · Correction policy · Limitations
Agent rollout decision record

Devin

Security review Start with a security review of repo scope, execution environment, credentials, PR workflow, and auditability; only then run a bounded pilot.

Verdict

Security review

Autonomous software-engineering scope is high power and should enter formal security review before operational access.

Decision depth: AI-assisted launch evidence record

Evidence audit: AI-assisted evidence audit

Permission footprint

Repository readexplicitly evidenced
File editsexplicitly evidenced
Shell commandsexplicitly evidenced
Pull requestsnot evidenced
Issue/PR commentsnot evidenced
Network/API callsnot evidenced
Secrets/env varsexplicitly evidenced
Sandboxingnot evidenced
Permission controlsexplicitly evidenced
Audit loggingnot evidenced
Enterprise adminnot evidenced
Branch isolationnot evidenced
Human approvalnot evidenced
Production deploymentnot evidenced

Power level

Level 2: modifies artifacts

Highest-risk evidenced power: file modification

Controls separated

Required before pilot — organization must implement

least-privilege permissions, isolated branch, protected branches, mandatory human review, sandbox, command allowlist, audit logs, separate test credentials

Vendor-native control evidenced

security docs

Vendor-native control not evidenced

native sandbox, permission system, audit logs, branch isolation, admin console, SSO

Pilot plan

Task class: Terminal and coding agent

Environment: non-production repository

Maximum access: file modification

Reviewer: engineering manager plus security reviewer

Success criteria: small reversible code changes pass tests and review without secret exposure

Stop conditions: unexpected command execution, broad repo access, failed audit trail, or reviewer cannot understand diffs

Prohibited: production deploys, unreviewed merges, secret access, large autonomous rewrites

Blocking issues and unknowns

Blockers: No blocking issue for the base record; run a personalized check for your environment.

Unknowns: Exact environment isolation, audit, and credential handling must be verified from current official docs.

Limitations: High autonomy creates reviewer-load and blast-radius risk.

Claim-level evidence

runs commands

Devin: runs commands

Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100

Source: Devin Intro (official-docs)

Excerpt: Devin's terminal, where you can watch commands being executed and view output logs. You can also copy the shell output for debugging purposes. To run commands directly, use the IDE's shell.

Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.

edits files

Devin: edits files

Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100

Source: Devin Intro (official-docs)

Excerpt: Devin's embedded code editor equipped with all the IDE tools and shortcuts you're familiar with. Follow Devin's work in real time and take over to run commands, make direct code edits or test Devin's code.

Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.

reads repository

Devin: reads repository

Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100

Source: Essential Commands (official-docs)

Excerpt: Auto-approves read-only tools within the current directory, and asks for permission for write/execute operations.

Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.

supports permission controls

Devin: supports permission controls

Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100

Source: Essential Commands (official-docs)

Excerpt: Auto-approves file edits within the workspace while still prompting for shell commands and other actions.

Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.

accesses secrets or environment variables

Devin: accesses secrets or environment variables

Status: explicitly-supported · Reviewer: AI-assisted evidence audit · Confidence: 86/100

Source: Security at Cognition (official-docs)

Excerpt: You may need to provide Devin with credentials and keys such as passwords, API keys, cookies or other for authentication.

Limitations: Official-source excerpt is claim-specific; tenant/workspace configuration can still change rollout risk.

opens pull requests

Devin: opens pull requests

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cognition official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for opens pull requests; treat as an evidence gap.

comments on issues or PRs

Devin: comments on issues or PRs

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cognition official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for comments on issues or PRs; treat as an evidence gap.

makes network/API calls

Devin: makes network/API calls

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cognition official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for makes network/API calls; treat as an evidence gap.

supports sandboxing

Devin: supports sandboxing

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cognition official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for supports sandboxing; treat as an evidence gap.

provides audit logging

Devin: provides audit logging

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cognition official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for provides audit logging; treat as an evidence gap.

supports enterprise administration

Devin: supports enterprise administration

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cognition official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for supports enterprise administration; treat as an evidence gap.

supports branch isolation

Devin: supports branch isolation

Status: not-evidenced · Reviewer: AI-assisted evidence audit · Confidence: 24/100

Source: Cognition official source set (official-docs)

Excerpt:

Limitations: No exact official-source excerpt was found for supports branch isolation; treat as an evidence gap.

Recent history

Last successful source check: 2026-07-15T05:34:48.576Z