Signals CapitalGuard looks for
GitHub Actions or CI files editable by agent workflows
Package lifecycle scripts with network or shell actions
Deployment scripts near secrets or production credentials
Why it matters
A workflow change can run automatically with more authority than the developer expected.
Lifecycle scripts can execute during install, build, test, or deploy.
Release automation often touches secrets, infrastructure, and customer-facing systems.
Precautions to take
Require code-owner review for workflow and release files.
Block agent edits to deployment and package lifecycle scripts by default.
Separate read-only analysis from commands that mutate infrastructure or publish artifacts.