AI coding agents do not behave like human operators. They parse every secret a human would ignore, cache it in a context window, and transmit it across API boundaries.
Session-level controls, built for people who forget what they read, stop working the moment a model joins the execution path. This white paper identifies the three risks that converge when Claude Code gets API connectivity, maps each one to a protocol-level control, and walks through the gateway architecture that lets AI agents operate against live infrastructure without exposing credentials or PII and without running unaudited, destructive commands.
Hoop is MIT-licensed infrastructure for controlling how AI agents reach production data. Star hoophq/hoop so you can inspect it, deploy it, or share it when your team starts governing agent access.
