Agents Shipgate
Deterministic merge verdicts for AI-generated agent capability changes.
Agents Shipgate fills a genuine gap: PR-time static analysis for agent tool surfaces. Its local-first, zero-telemetry stance and broad SDK coverage are rare. But it's early-stage—most value comes from consistent CI adoption, and it explicitly doesn't replace runtime guardrails or evals.
- AI engineers shipping tool-using agents who need PR-time feedback on capability changes
- Platform engineers building agent CI/CD pipelines with deterministic merge gates
- Security and GRC teams reviewing AI agent releases needing audit trails without running agents
- Teams using multiple agent frameworks wanting a unified pre-merge check
- Teams that want runtime guardrails or call-time policy enforcement (use a runtime guardrail instead)
- Projects without AI-generated agent code or tool surface changes in PRs
- Users who need LLM evaluation or evals frameworks (Agents Shipgate is static analysis, not evals)
We scan live Reddit threads, YouTube comments, X posts, G2 reviews and other communities — and hand you an honest verdict in under a minute.
- Honest verdict, not marketing
- Real pros & cons from real users
- Attributed quotes with receipts
3 free scans · no card needed
In short
Agents Shipgate — Deterministic merge verdicts for AI-generated agent capability changes. Best for AI engineers shipping tool-using agents who need PR-time feedback on capability changes, Platform engineers building agent CI/CD pipelines with deterministic merge gates, Security and GRC teams reviewing AI agent releases needing audit trails without running agents. Free to use.
What's new in Agents Shipgate
Checked 13 days agoAcross the latest 10 updates: 9 feature updates and 1 changelog entry.
Agents Shipgate v0.13.0 released
v0.13.0 released with new features for agent PR merge verdicts and trust-root protection.
AI agent CI/CD: add a release gate to your GitHub Actions pipeline
Tutorial on adding agents-shipgate to GitHub Actions in four stages: advisory, baseline, strict, governance.
AI agent deployment checklist: 18 checks before production
Pre-flight checklist for shipping AI agents covering inventory, schemas, scopes, approvals, side effects, idempotency, and blast radius.
How to security-review MCP tools before production
Guidance on reviewing MCP tool surfaces for wildcard exposure, scope creep, missing approval policies, and schema strictness.
Your AI agent has a tool surface. It needs a release gate.
Tools are release artifacts. Tool surfaces need deterministic checks before promotion, not just evals.
Adding a release gate to an OpenAI Agents SDK project
agents-shipgate statically reads @function_tool decorators and produces release-readiness findings.
Adding a release gate to an Anthropic Claude tool-use agent
agents-shipgate scans Claude's JSON tools array and system prompt for release-readiness findings on every PR.
How to add Agents Shipgate to GitHub Actions in 5 minutes
Drop a workflow into .github/workflows/ for structured tool-surface review with severity counts.
MCP tool surfaces need release review
MCP tools expose dozens of surfaces; review wildcards, scopes, and undocumented actions before promotion.
Agents Shipgate vs runtime guardrails: where each one fits
Runtime guardrails enforce at call time; agents-shipgate enforces at PR time. Both are necessary.
Viability Score
How likely is Agents Shipgate to still be operational in 12 months? Based on 4 signals — momentum (how recently it shipped), wrapper dependency, revenue model, and web presence.
Last calculated: July 2026
How we score →Key Features
- Deterministic merge verdict: mergeable, human review, insufficient evidence, blocked
- Static analysis of MCP exports, OpenAPI 3.x, and SDK tool declarations
- Supports OpenAI Agents SDK, Anthropic Messages API, Google ADK, LangChain, LangGraph, CrewAI, Codex, n8n
- Capability lock and diff artifacts (capabilities.lock.json, capability-lock-diff.json/.md)
- Release report JSON with findings and severity counts
- Agent-native contract (agent_result_v1) for coding agents (Codex, Claude Code, Cursor)
- Content-addressed local release attestation (attestation.json)
- SARIF output for GitHub code-scanning integrations
- Local-first: no verifier network calls by default, no LLM calls, no MCP server connections
- Zero telemetry by default (opt-in only)
- GitHub Action with advisory, baseline, strict, and governance modes
- Semantic capability diff summary in PR comments
- PR-time analysis, not runtime guardrails
- Open source under Apache-2.0
- Agent-native merge contract with eight protocols
About Agents Shipgate
Agents Shipgate is an open-source, local-first CLI and GitHub Action that verifies AI-generated agent capability changes—such as MCP tools, OpenAPI operations, SDK tool declarations, and permission scopes—and returns a deterministic merge verdict before agent code lands. It reads a checked-in shipgate.yaml manifest plus local tool sources and PR diffs, then produces verifier artifacts: a merge verdict (mergeable, human review required, insufficient evidence, or blocked), a compact semantic capability diff, a release report, and an agent-native contract for coding agents to act on autonomously. The tool is built for AI engineers, platform engineers, and security/GRC teams who need pre-merge evidence without running agents or importing user code. Unlike runtime guardrails that enforce policy at call time, Agents Shipgate enforces it at PR time: it performs static analysis on tool surfaces, finds missing approval policies, wildcard exposures, scope creep, schema strictness issues, and side effects, and surfaces them as structured findings. It does not call LLMs, connect to MCP servers, or make network calls by default—verifier telemetry is completely opt-in and defaults off. The company behind Agents Shipgate is Three Moons Lab, which frames this as the first instalment in a broader thesis called 'healthcare for agents': a portfolio of pre-deployment and ongoing health checks for tool-using AI agents. Beyond release readiness, ships baseline snapshots, with capability audits and policy drift detection in design. The package, CLI, repository, and GitHub Action are all named agents-shipgate. It is licensed under Apache-2.0 and published at v0.13.0 as of July 2026.
Behind the Verdict
Agents Shipgate carves out a previously unnamed slot in the AI agent stack: deterministic release readiness for tool-surface changes. If your team ships agents that touch MCP servers, OpenAPI specs, or framework tool declarations, this tool will catch wildcard exposures, missing approval policies, and scope creep before they hit production. The local-first, zero-telemetry design is a honest differentiator—no data leaves your CI runner unless you opt in. That said, the tool is early-stage (v0.13.0). The documentation is clear, but you'll need to invest in CI integration and initial shipgate.yaml setup. It doesn't evaluate outputs or runtime behavior—that's not its job. Pair it with evals and runtime guardrails for full coverage. Compared to alternatives like runtime guardrails (e.g., Helicone, Portkey), Agents Shipgate is complementary: it checks at merge time, not call time. There's no direct competitor for PR-time static analysis of agent capabilities. In practice, we'd reach for this when we trust our agent code generation but want a deterministic gate before merging into main. Teams without agent-generated code or complex tool surfaces will find little use for it. It's best for platform teams shipping agents across multiple frameworks who want one unified check.
Researching Agents Shipgate? Get your full AI stack in 60 seconds.
Free, no signup — tell us your goal and get tools matched to your budget & existing stack.
Use Cases
- Add a release gate to your GitHub Actions workflow that blocks PRs expanding agent capabilities without approval policies
- Scan every PR touching MCP exports for missing scopes, wildcard paths, or undocumented side effects
- Generate a structured release-readiness report for AI agent PRs before staging or production deployment
- Provide coding agents (Codex, Claude Code) with a deterministic merge verdict contract they can act on autonomously
- Attest release artifacts with a content-addressed record for audit trails and compliance reviews
Limitations
- Agents Shipgate does not import or execute user code by default; static analysis may miss dynamic tool registrations or runtime-derived schemas.
- It requires a checked-in shipgate.yaml manifest and explicit tool source declarations.
- The tool is not an LLM evals framework and does not measure agent behavior or output quality.
12-month cost
Project the real annual outlay, including the implied monthly cost when only an annual tier is published.
Vendor list price only. Add-on usage, seat overages, and contract minimums are surfaced under Hidden costs & gotchas.
Integrations
Resources & Guides
Official links
Tools that pair well with Agents Shipgate
Common stack mates teams adopt alongside Agents Shipgate, with the specific reason each pairing earns its keep.
Featured Head-to-Head Comparisons
Alternatives to Agents Shipgate
View allPoolside AI
Enterprise open-weight foundation models and agents for high-consequence software engineering.
Replit Agent
Build and deploy full-stack apps from natural language with Replit Agent.
Frequently Asked Questions
Best-of guides
Used Agents Shipgate? Help shape our editorial sentiment research.