Skip to main content
This is a preview/beta feature. Further changes are expected.

Overview

Chainloop can automatically collect AI agent configuration files during the attestation process. This creates a CHAINLOOP_AI_AGENT_CONFIG material that captures how agentic development tools are configured in your project, providing visibility and policy enforcement over AI tool usage in your software delivery lifecycle. The collector currently supports Claude configuration files, with support for additional AI agents planned for future releases.

How it works

When you pass the --collectors aiconfig flag to chainloop attestation init, the CLI scans your project for known AI agent configuration files. The discovered files are bundled into a single CHAINLOOP_AI_AGENT_CONFIG material and automatically included in the attestation (no manual attestation add step is required). The material is named ai-agent-config-<agent> after the agent that was discovered — for example, ai-agent-config-claude for Claude configuration files. The collected material includes metadata about the agent, a hash of the overall configuration, timestamps, and details about each discovered file.

Collected files

The aiconfig collector currently looks for the following Claude configuration file patterns:
PatternDescription
CLAUDE.mdProject-level instructions
.claude/CLAUDE.mdClaude directory instructions
.claude/settings.jsonClaude settings
.mcp.jsonMCP server configuration
.claude/rules/*.mdCustom rules
.claude/agents/*.mdAgent definitions
.claude/commands/*.mdCustom commands
.claude/skills/*/SKILL.mdSkill definitions
Support for additional AI agents beyond Claude will be added in future releases.

Material schema

The CHAINLOOP_AI_AGENT_CONFIG material follows this structure:
The schema version is 0.1 and may evolve as the feature matures. Always include a valid_input guard in your policies to handle schema changes gracefully.

Enabling the collector

1

Initialize the attestation with the collector

Pass the --collectors aiconfig flag during attestation initialization:
The CLI will scan for AI agent configuration files and report what it found.
2

Continue the attestation as normal

Add any other materials required by your contract and push:
The collector works alongside any other materials defined in your contract. You can combine it with SBOMs, container images, and any other evidence types.

Contract example

While the collector automatically attaches the material, defining CHAINLOOP_AI_AGENT_CONFIG in your contract allows you to attach policies to it:
contract.yaml
The material name in the contract must match the name generated by the collector, ai-agent-config-<agent> (e.g. ai-agent-config-claude). If the names differ, Chainloop treats the contract material as never provided and the attestation fails with a “missing material” error.

Built-in policies

Chainloop ships with built-in policies for AI agent configuration governance. Attach them to your contract to start enforcing best practices immediately — no custom Rego required:
PolicyWhat it checks
ai-agent-presentDetect AI agent presence via configuration materials or bot reviewers on PRs
ai-config-mcp-servers-allowedEnsure only approved MCP integrations are configured
ai-config-architecture-with-pathsVerify instruction files describe project architecture
ai-config-code-style-specificityRequire concrete, project-specific code style rules
ai-config-skill-descriptions-actionableEnsure skills describe what they do and when to use them
ai-config-subagent-descriptions-actionableRequire subagent descriptions with trigger, scope, and purpose
ai-instructions-commands-documentedRequire exact, executable commands instead of vague instructions
ai-instructions-size-boundsEnforce line count limits on instruction and skill files
ai-instructions-verification-criteriaRequire verification mechanisms like tests or expected outputs
To use a built-in policy, reference it by name in your contract:

Writing a custom policy

You can also write custom Rego policies to enforce rules on the collected AI configuration. The following example checks that the agent name is claude and produces a violation otherwise.
check-agent-name.yaml
The policy works as follows:
  • valid_input checks that the material contains an agent.name field, skipping evaluation if the schema is unexpected.
  • The violations rule fires when agent.name is anything other than "claude", producing a descriptive error message.
This pattern can be extended to check other fields in the AI config, such as verifying specific config files are present or that the configuration hash matches an expected value.

Testing the policy locally

Use the policy development CLI tools to validate your policy before deploying it: