That's when I realized we need infrastructure designed for AI agents, not just better prompts. SAV (Shadow VCS) creates a staging area between AI agents and Git. Every change lands in .sav/commits/ first - never touches your working directory until you approve it.
What makes it different:
Risk scoring: Analyzes file patterns, secrets, binary size to flag dangerous changes Policy engine: YAML rules can auto-approve docs, block anything touching auth/ Audit trail: Every decision logged in SQLite for compliance Concurrency-safe: Multiple agents can work without stepping on each other
Try it:
pip install savai sav init sav commit -m "AI refactor" src/* sav review <commit-id> sav approve <commit-id>
The bigger picture:
This is v0.1 of what I think will become essential infrastructure.
The roadmap includes:
- Agent orchestration with dependency graphs (so agents can coordinate complex changes) - Machine learning risk models trained on your approval patterns - Multi-repo coordination for microservices
Why this matters now:
AI agents are getting more autonomous. GitHub Copilot, Cursor, Devin-style tools are moving from "suggestions" to "autonomous PRs". We need VCS infrastructure that assumes machines are contributors, not just humans with better autocomplete. I'd love feedback from anyone dealing with AI-generated code at scale. The repo is MIT-licensed: https://github.com/AKIFQ/sav