Coding agents are running wild in production environments, and most organizations have zero visibility into what they're actually doing. That's the core problem Stord aims to solve with its open-source flight recorder for AI agents, now available as a free MIT-licensed CLI tool.

The Problem With Agent Permissions

The reality is grim: modern AI coding assistants like Claude Code and OpenAI's Codex run with skip-permission flags enabled — meaning they can read, write, and delete files without the normal guardrails. Ops agents often hold credentials broader than any human employee would get. When these systems overwrite configs, wipe directories, or accidentally expose sensitive data, there's no audit trail and no way to reverse the damage.

Stord cites some alarming statistics that underscore this risk: 63% of organizations can't stop their AI agents when something goes wrong, 33% have zero audit trail of agent activity, and machine identities now outnumber human ones at a ratio of 45-to-1. These aren't edge cases — they're the default state for most shops deploying autonomous coding assistants.

How Stord Works

The CLI works as a governance layer between agents and your filesystem. Once enabled with `stord enable`, it creates an append-only journal logging every read, write, and delete operation — attributing each action to the exact agent, session, and user responsible. The `stord log` command shows you the full timeline; `stord agents` breaks down who touched what files.

The undo functionality is where this gets interesting. Every write operation is snapshotted before it executes, so you can reverse a single bad change with `stord undo last` or roll an entire directory tree back with `stord restore`. Yes, even after `rm -rf`. Crucially, Stord never touches your actual git history — it's a separate layer entirely.
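A minimal sketch of the snapshot-before-write pattern described above, added here as an illustration; it is not Stord's code. The `Journal` class, its on-disk layout, and the sample file, agent, and user names are all assumptions made for the example.

```python
import json, os, tempfile, time

class Journal:  # toy snapshot-before-write journal; illustrative, not Stord's code
    def __init__(self, root):
        self.log = os.path.join(root, "journal.jsonl")
        self.snaps = os.path.join(root, "snapshots")
        os.makedirs(self.snaps, exist_ok=True)
        open(self.log, "a").close()             # make sure the journal exists

    def entries(self):
        with open(self.log) as f:
            return [json.loads(line) for line in f]

    def _record(self, op, path, who):
        seq, snap = len(self.entries()), None   # snap None: file did not exist before
        if os.path.exists(path):                # copy the current bytes aside first
            snap = os.path.join(self.snaps, f"{seq}.bin")
            with open(path, "rb") as src, open(snap, "wb") as dst:
                dst.write(src.read())
        rec = {"seq": seq, "ts": time.time(), "op": op, "path": path,
               "snapshot": snap, **who}         # who = agent, session, user
        with open(self.log, "a") as f:          # append mode only, never rewritten
            f.write(json.dumps(rec) + "\n")

    def write(self, path, data, **who):
        self._record("write", path, who)        # snapshot and journal, then mutate
        with open(path, "wb") as f:
            f.write(data)

    def delete(self, path, **who):
        self._record("delete", path, who)
        os.remove(path)

    def undo_last(self, **who):
        last = self.entries()[-1]               # the undo is itself journaled
        if last["snapshot"] is None:            # op created the file: remove it
            return self.delete(last["path"], **who)
        with open(last["snapshot"], "rb") as f:
            self.write(last["path"], f.read(), **who)

def demo():  # constructed scenario: an agent deletes a config, a human undoes it
    root = tempfile.mkdtemp()
    j, cfg = Journal(os.path.join(root, ".journal")), os.path.join(root, "app.conf")
    j.write(cfg, b"port=8080\n", agent="human", session="s0", user="alice")
    j.delete(cfg, agent="agent-a", session="s1", user="alice")
    j.undo_last(agent="human", session="s2", user="alice")
    with open(cfg, "rb") as f:
        return f.read(), [(e["op"], e["agent"]) for e in j.entries()]
```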

Current Features and Roadmap

The CLI is available today with core audit and reverse capabilities. It works out of the box with Claude Code and Codex, plus Hermes, OpenClaw, or any custom agent via hooks. Installation takes one line: `npm install -g stord` (or equivalent), with zero dependencies required.

On the roadmap: enforced scoped credentials per-agent rather than per-team, path-based permission rules like `write: /build/**`, and a cloud dashboard for fleet-wide tamper-evident audit logs across every machine in your organization. Early access is open now for teams wanting founding-user pricing on the cloud tier.

Key Takeaways

  • AI coding agents operate with production-level permissions but minimal oversight by default
  • Stord's free CLI provides immediate audit logging and undo capabilities without vendor lock-in
  • The 45:1 machine-to-human identity ratio means this problem only gets worse over time
  • Git history stays intact — Stord maintains its own reversible operation log separately

The Bottom Line

This is the security layer that should have shipped with every AI coding assistant from day one. Until vendors bake proper governance into their agents, tools like Stord aren't optional — they're essential. If your team is running Claude Code or Codex in anything beyond toy projects without something like this in place, you're flying blind.