Spotted a new “lock file” pattern in AI coding IDEs like Bolt.new — a way to protect files (like specifications) from being rewritten by AI agents. Is this the beginning of ACLs specific for AI coding agents?
The comments went interesting places. Matthew Skelton warned about reinventing problematic file locking from Visual Source Safe. Matthias Lubken suggested expanding beyond pure ACLs to include hints like “avoid changes,” “never change,” “refactor when possible,” and “always performance test.” Ray Myers argued it should default to opt-in rather than opt-out.
The deeper question: as agents get more autonomous, what governance patterns do we need? This is access control for a new kind of team member.
Originally posted on LinkedIn.