The control layer problem is real, and the enforcement
point matters. AegisProxy addresses runtime — what the
agent does after deployment. We've been working on the
pre-commit layer: what gets into the codebase before
an agent ever runs it.
The Replit incident is a good example — the agent wiped
the database, but the conditions for that were set up
earlier: no enforcement gate on what code and credentials
could be committed. Sentinel Core sits at git commit and
blocks before anything reaches the repository.