An off‑boarded contractor leaves behind an AI‑driven code‑generation bot that continues to run nightly CI jobs. The bot pulls source from the repository, writes temporary files, and pushes compiled artifacts to a storage bucket that contains customer‑provided personal data. No human ever sees the bot’s actions, and the organization has no record of which data fields were read or written during each run.
Under Brazil’s General Data Protection Law (LGPD), personal data must be processed only for legitimate purposes, with clear accountability, and with explicit safeguards such as purpose limitation, data minimisation, and auditability. The law also requires that any automated decision‑making system be able to demonstrate compliance on demand. When an AI coding agent operates with unrestricted credentials and without visibility into its own activity, an organization cannot prove that it respects those obligations.
LGPD requirements for AI coding agents
LGPD defines personal data broadly, covering any information that can identify an individual. For software development pipelines, this includes logs that contain user IDs, error messages that echo email addresses, and configuration files that embed customer identifiers. The regulation imposes three technical pillars:
- Accountability: every access to personal data must be traceable to a specific identity and purpose.
- Data minimisation: systems should expose only the fields necessary for the task, masking or redacting anything else.
- Audit evidence: organizations must retain reliable records that show who accessed what, when, and under which policy.
When an AI coding agent interacts with databases, version‑control servers, or cloud storage, each of those pillars must be enforced at the point where the request traverses the network.
Why the current AI coding workflow falls short
Most teams give their agents long‑lived service‑account keys or embed static passwords in CI pipelines. The agent then connects directly to the target system – a PostgreSQL instance, a Git repository, or an S3 bucket – using those credentials. This model satisfies the first step of LGPD (identifying the service account) but fails on two critical fronts:
- The connection is a straight tunnel; the target sees the request as if it came from a human operator. No real‑time guardrails exist to block a query that would return a full customer table, nor to mask a column that contains a CPF number.
- Because the request bypasses any central audit layer, the organization cannot produce a reliable log that ties the AI‑generated action to a specific policy decision. The agent’s own logs are stored on the same host that runs the code, making them vulnerable to tampering.
In other words, the setup grants the agent the ability to read and write personal data, but it does not provide the “just‑in‑time” approval, inline masking, or recorded session recording that LGPD demands.
Embedding LGPD controls with an identity‑aware gateway
This is where an identity‑aware, Layer 7 gateway becomes essential. By placing a gateway between the AI coding agent and every downstream service, the organization creates a single enforcement point that can apply LGPD‑required policies consistently.
hoop.dev is built exactly for that role. It sits on the network, authenticates the agent via OIDC or SAML, and then proxies the connection to the target resource. Because the gateway owns the credential, the agent never sees the secret that grants access to the database or storage bucket.
From the LGPD perspective, hoop.dev provides three concrete enforcement outcomes:
- Session recording and replay: every request and response is captured at the protocol layer. The recorded session includes the identity of the calling agent, the exact query issued, and the data returned. This recorded log satisfies LGPD’s accountability requirement.
- Inline data masking: before any response leaves the target, hoop.dev can redact or replace fields that match personal‑data patterns (such as CPF, email, or phone numbers). The masking happens in real time, ensuring that downstream systems – including logs or downstream analytics – never see the raw identifiers.
- Just‑in‑time approval workflows: for high‑risk operations (for example, a bulk export of a customer table), hoop.dev can pause the request and require a human approver to confirm the purpose. This enforces purpose limitation and provides an auditable decision point.
All of these controls are enforced in the data path, meaning they cannot be bypassed by reconfiguring the AI agent or by altering its local environment. The setup phase – provisioning OIDC identities, assigning least‑privilege roles, and deploying the gateway – determines who may start a session, but the actual enforcement happens only inside hoop.dev.
How hoop.dev aligns with each LGPD pillar
Accountability: hoop.dev records the full session, tying every read or write to the authenticated identity of the AI coding agent. The logs are stored outside the agent’s host, making them tamper‑evident and available for auditors.
Data minimisation: inline masking ensures that only the data required for the build or test is exposed. Sensitive columns are automatically redacted, reducing the chance of accidental leakage.
Audit evidence: the combination of recorded session logs, approval records, and masking policies creates a comprehensive evidence package. Organizations can export these logs to satisfy regulator requests without having to reconstruct events from scattered sources.
Getting started
To adopt this approach, begin with the getting‑started guide. Deploy the gateway using the provided Docker Compose file or the Kubernetes manifests, configure your AI coding agents to authenticate via your existing OIDC provider, and register each target resource (PostgreSQL, Git, S3, etc.) in the gateway’s catalog. Detailed feature documentation is available in the learn section, where you can explore masking rules, approval workflows, and session‑replay tools.
FAQ
Does hoop.dev make my AI coding agent LGPD‑compliant?hoop.dev provides the technical controls required by LGPD – audit logs, masking, and just‑in‑time approvals – but compliance also depends on organizational policies and legal interpretation. The gateway gives you the evidence and enforcement mechanisms needed to demonstrate compliance.Can I use hoop.dev with existing CI pipelines?Yes. The gateway works with standard clients (psql, git, aws cli, etc.) and can be called from any CI runner. No code changes are required; the pipeline simply points to the gateway endpoint.What happens to credentials?The gateway stores the credentials needed to reach the downstream service. The AI coding agent authenticates only to the gateway, never seeing the secret that accesses the database or storage bucket.
Explore the source code and contribute to the project on GitHub.
