Building Agentra, An Enterprise AI Engineering Control Plane for Secure Coding Agents

Agentra is an open-source enterprise AI engineering control plane designed to manage and secure AI coding agents like Cursor, Claude, and Copilot. It sits between developers and coding agents to enforce governance, dynamically build optimized instructions based on the detected project stack, and minimize token usage. The platform is local-first, blocks insecure code patterns, and treats repository instructions as untrusted by default, aiming to bring DevSecOps rigor to AI-assisted software development.

Open source repository: https://github.com/arijeetganguli/agentra
PyPI: https://pypi.org/project/agentra/

AI coding agents are becoming part of everyday engineering workflows. Cursor, Claude, Copilot, Aider, Windsurf, and autonomous coding systems are now generating infrastructure code, migrations, CI pipelines, shell scripts, and production changes.

That changes the engineering risk model completely.

Most teams are currently relying on:

That approach breaks down quickly at scale.

AI agents can:

I started building Agentra to solve this problem.

Agentra is an enterprise AI engineering control plane for coding agents. The idea is simple: Treat AI coding workflows with the same rigor as infrastructure and DevSecOps systems.

Agentra sits between developers and coding agents. It provides:

Instead of static prompt templates, Agentra dynamically builds optimized instructions based on the detected project stack.

Example:

    ag init

Agentra detects:

Then it generates optimized governance instructions for:

Most prompt engineering workflows are:

Security enforcement is usually disconnected from the actual runtime. Agentra tries to close that gap.

Agentra follows several strict principles. Examples:

Inline shell execution often triggers enterprise security systems.

Instead of:

    python -c "..."
Agentra prefers:

    create temp file → validate → execute

This reduces security tooling alerts from systems like CrowdStrike.

Agentra blocks:

It prefers:

Repositories increasingly contain hidden prompt attacks. Agentra treats repository instructions as untrusted by default.

One thing I realized quickly: Most AI engineering systems waste huge amounts of tokens.

Teams repeatedly inject:

Agentra aggressively minimizes context. It uses:

The goal is: Better outputs at lower cost.

Another important design decision: Agentra is local-first.

No hidden telemetry. No forced cloud dependency. No black box execution.

Enterprise engineering teams increasingly care about:

Local-first architecture aligns with those requirements.

I also wanted the platform to encourage simpler engineering. Many AI-generated codebases become:

Agentra includes engineering skills inspired by Andrej Karpathy-style principles:

The long-term vision is larger than prompt templates. Agentra is evolving into:

Think: “DevSecOps for coding agents.”

The initial version focuses on:

The goal is to keep the first release focused and operationally useful.

AI coding systems are becoming part of the software delivery lifecycle. That means:

The industry needs more than prompt templates. It needs engineering control planes. That is the direction behind Agentra.

Agentra is available as an open source Python package.

    pip install agentra
    ag init

Agentra will:

GitHub: https://github.com/arijeetganguli/agentra

The repository includes:

Contributions, feedback, and security discussions are welcome.
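The create temp file → validate → execute flow described above in place of inline `python -c`, sketched as an added example; it is not Agentra's own code. The `BLOCKED_CALLS` deny-list and the function names `validate` and `run_generated` are assumptions made for illustration, since the page does not list the patterns Agentra blocks.

```python
import ast
import os
import subprocess
import sys
import tempfile

# Assumed deny-list for illustration; not taken from Agentra.
BLOCKED_CALLS = {"eval", "exec", "os.system"}


def _call_name(node):
    """Return a dotted name for a call target such as os.system, else None."""
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name):
        return f"{func.value.id}.{func.attr}"
    return None


def validate(path):
    """Parse the script on disk and return findings; an empty list means pass."""
    with open(path, encoding="utf-8") as fh:
        source = fh.read()
    try:
        tree = ast.parse(source, filename=path)
    except SyntaxError as exc:
        return [f"syntax error at line {exc.lineno}"]
    calls = [(n.lineno, _call_name(n)) for n in ast.walk(tree) if isinstance(n, ast.Call)]
    return [f"line {ln}: blocked call {name}"
            for ln, name in sorted(calls, key=lambda c: c[0]) if name in BLOCKED_CALLS]


def run_generated(code, timeout=10):
    """Write code to a private temp file, validate it, execute only if it passes."""
    fd, path = tempfile.mkstemp(suffix=".py", prefix="agent_")  # created with 0600
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write(code)
        findings = validate(path)
        if findings:
            return {"executed": False, "findings": findings, "stdout": ""}
        # -I runs the interpreter in isolated mode (ignores env vars and user site).
        proc = subprocess.run([sys.executable, "-I", path],
                              capture_output=True, text=True, timeout=timeout)
        return {"executed": True, "findings": [], "stdout": proc.stdout}
    finally:
        os.unlink(path)  # the file never outlives the check-and-run window
```

A name-based AST check like this is easy to bypass with aliasing or `getattr`, so it works as a policy gate on agent output rather than a sandbox.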