Nine AI and human agents operate on a single codebase under deny-by-default policy enforcement. Every PR generates a Decision Receipt. 3,222 receipts, 99% acceptance, 43 blocked, 1 escalated. This episode shows what happens when an agent is blocked and what escalation looks like in practice.
By the end of this episode, you will understand how deny-by-default governance works when multiple AI agents and humans share a codebase โ and why blocking is a feature, not a failure.
| Claim | Risk | Status | Evidence |
|---|---|---|---|
| Nine distinct agents โ including AI coding agents, dependency bots, human developers, and service accounts โ operate on a single codebase under identical deny-by-default policy enforcement. | low | approved | 1 |
| The deny-by-default system treats all agents identically: no agent has bypass privileges, and human agents are subject to the same receipt requirements as AI agents. | low | approved | 2 |
| Of 3,222 Decision Receipts generated, 43 were blocked for policy violations including restricted path modifications, missing test coverage, unapproved dependencies, and credential exposure. | low | approved | 2 |
| Blocking is automatic and immediate โ no human intervention is required to enforce policy. Blocked agents must fix violations and resubmit, generating a new receipt. | medium | approved | 1 |
| The single escalation in 3,222 receipts occurred when an autonomous agent simultaneously modified production infrastructure and patent-sensitive code paths, requiring human judgment to split the submission. | medium | approved | 1 |
Nine agents. One codebase. Every pull request must earn a signed receipt before it can merge. No exceptions โ not for the founder, not for Dependabot, not for Devin. What happens when agent number six gets blocked?
Let me introduce the roster. Devin, Codex, Jules โ three AI coding agents that generate autonomous PRs. Dependabot โ the dependency bot that never sleeps. Copilot โ inline suggestions that become commits. Then the humans: BrianCLong, the founder. bcl-topsum, the bridge workflow account. SummitCognitive, the org service account. TopicalitySummit, the content operations agent. Nine agents. Zero bypass privileges.
Here is the number that matters: Dependabot alone has generated roughly 1,200 receipts. The founder has 800. Devin has 400. Every single one went through the same policy engine. The system does not care who you are. It cares what you did.
Deny-by-default means exactly what it sounds like. The default answer to every PR is no. The receipt system must actively approve the change based on policy evaluation. If the policy engine cannot confirm compliance, the PR is blocked. No merge. No exception. This is not a guardrail you can drive around. It is the road.
So what does a block look like? Forty-three times out of 3,222, the system said no. Twelve times because a PR touched a restricted path without the required approval. Nine times for missing test coverage. Eight times for introducing a dependency not on the allowlist. Six times for modifying patent-sensitive code without legal review. Five times for exceeding the file-change threshold. Three times for committing something that looked like a credential.
When a block fires, the agent sees a failed check on the PR. The Decision Receipt is generated but marked BLOCKED with the specific policy violation. The PR cannot merge. The agent โ human or AI โ must fix the violation and push again. A new receipt is generated for the new submission. The blocked receipt stays in the ledger. Nothing is deleted. Everything is auditable.
Now the escalation. One time in 3,222 receipts, the system could not decide automatically. An autonomous agent submitted a PR that modified production infrastructure and patent-sensitive code paths in the same changeset. Two policy domains in one PR. The system blocked it and escalated to human review. The human reviewer split the PR into two submissions. Both passed individually. The system worked โ it recognized the limits of automated judgment and asked for help.
Forty-three blocks. One escalation. 3,178 clean acceptances. That is what deny-by-default governance looks like at scale with nine agents. Blocking is not a failure of the system. It is the system working. Check the source appendix for the full agent behavior analysis. Visit decrec.summitcognitive.ai to query receipts by agent. This has been Warrant, Season One, Episode Three.