# AI Agent Access Review Template Use this public preview to review AI-agent permissions before buying the full Agent Ops Command Center pack. ## 1. Access Review Identity | Field | Value | | --- | --- | | Access review name | | | Agent / tool | Codex / Claude Code / Cursor / local agent | | Primary team request URL | https://ivelly42.github.io/agent-ops-command-center/team-request-url.html | | Checkout status | https://ivelly42.github.io/agent-ops-command-center/checkout-status.json | | Business owner | | | Technical owner | | | Security / compliance reviewer | | | Team / repo / workflow | | | Review cadence | | | Escalation trigger | | ## 2. Agent Permission Inventory | Permission Surface | Current Access | Needed Access | Risk | Owner | | --- | --- | --- | --- | --- | | Local filesystem | | | | | | Shell commands | | | | | | GitHub repository | | | | | | Issue tracker / project tool | | | | | | Browser / web session | | | | | | MCP / connector access | | | | | | CI / deployment | | | | | | Payment / billing surfaces | | | | | ## 3. Repo And Branch Scope | Repo / Folder | Read | Write | Protected Branches | Approval Evidence | | --- | --- | --- | --- | --- | | | | | | | ## 4. Secrets And Sensitive Data | Sensitive Surface | Exposure Path | Allowed Handling | Blocked Handling | Evidence | | --- | --- | --- | --- | --- | | API keys | | | | | | Environment variables | | | | | | Customer data | | | | | | Proprietary docs | | | | | | Payment data | | | | | ## 5. External Service Access | Service | Auth Type | Scope | Owner | Review / Revoke Date | | --- | --- | --- | --- | --- | | GitHub | OAuth / token / app | | | | | Slack / Teams | OAuth / webhook | | | | | Notion / Docs | connector / token | | | | | Browser profile | session / cookies | | | | | Cloud / deploy | token / role | | | | ## 6. Least Privilege Decision | Access Item | Keep | Reduce | Temporary | Revoke | Decision Evidence | | --- | --- | --- | --- | --- | --- | | | | | | | | ## 7. Verification Evidence | Claim | Evidence Type | Command / URL / Artifact | Reviewer | Status | | --- | --- | --- | --- | --- | | Access is needed | | | | | | Access is least privilege | | | | | | Secrets are protected | | | | | | Revocation path works | | | | | ## 8. Revocation Plan | Access To Revoke | Owner | Trigger | First Action | Status | | --- | --- | --- | --- | --- | | Temporary token | | | | | | Browser session | | | | | | OAuth app | | | | | | Deployment role | | | | | | Payment-surface access | | | | | ## 9. Cost And ROI Risk | Cost Item | Evidence | Limit / Decision | | --- | --- | --- | | Model spend per pilot | | | | Permission review time | | | | Incident cleanup avoided | | | | Team-license payback | | | ## 10. Access Review Decision | Decision | Evidence | Owner | Status | | --- | --- | --- | --- | --- | | Approve access | | | | | Reduce access first | | | | | Revoke access | | | | | Buy team license | | | | ## 11. Handoff | Handoff Item | Notes | | --- | --- | | Changed permissions | | | Tests / checks run | | | Unresolved access gaps | | | Access review owner | | | Next action | | ## 12. Revenue Proof | Revenue Claim | Evidence | | --- | --- | | Checkout exists | | | Receipt exists | | | Payout exists | | | Seller-dashboard evidence exists | | | Non-revenue signals excluded | Views, stars, forks, template use, downloads, order intent | ## Request The Full Pack Fast template-pack request page: https://ivelly42.github.io/agent-ops-command-center/team-request-url.html Checkout status: https://ivelly42.github.io/agent-ops-command-center/checkout-status.json Supporting template-pack request page: https://ivelly42.github.io/agent-ops-command-center/template-pack-request.html Fast template-pack request form: https://github.com/ivelly42/agent-ops-command-center/issues/new?template=template-pack-request.yml Revenue rule: count revenue only after checkout, receipt, payout, or seller-dashboard evidence exists.