Your agents need to push code. Today, they do that as you, using a PAT with access to anything you have access to. That PAT doesn't expire, so if it leaks, game over.
Oak: scoped tokens for agents.
Easily create a service account, grant it access to a specific branch, or to multiple branches with regex patterns, and mint short-lived tokens. Agents get exactly the access they need: read-write on chore/update-replicas, and nothing more.
Log in with GitHub OAuth. Oak knows who you are.
Give it a name like css-jockey or yaml-engineer. It has zero permissions by default. Delete it when you're done.
Grant access to a single branch, or use regex patterns: feat/css-.* for all feature branches, etc. Read or read-write.
Short-lived, scoped, auditable. The agent pushes through Oak's proxy, which enforces the rules.
This lets Oak push to your repos on behalf of authorized tokens.
brew tap oakling-dev/homebrew-tap && brew install oak
Releases for more platforms are available here.
oak auth login
# Opens your browser for GitHub OAuth
oak auth configure-git
# Sets up the credential helper for oakling.dev, updates your Git remote.
oak sa create yaml-engineer \
--repo bigco-biz/monorepo --branch chore/update-replicas \
--access readwrite --expire 1d
# Created service account "yaml-engineer" (id: abc123)
# Print the token (pipe it to your agent's env)
oak sa token yaml-engineer
# Or assume the identity locally to test
oak sa assume yaml-engineer
oak auth status
# Subject: abc123 (sa)
# The agent pushes to the allowed branch --> allowed!
git push origin chore/update-replicas
# Push to main --> denied!
git push origin main
# remote: 🔒 Oak push authorization failed
# remote:
# remote: Refs:
# remote: ❌ refs/heads/main -- no readwrite access
# remote:
# remote: Your permissions (sa abc123) on bigco-biz/monorepo:
# remote: • chore/update-replicas → readwrite
# remote: • main → readonly
# remote:
# remote: To grant access, an admin can run:
# remote: oak sa grant abc123 bigco-biz/monorepo main readwrite
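The walkthrough above shows the proxy allowing one branch and refusing another. The following is an added illustration, not Oak's own code, of the decision such a proxy has to make: anchored regex branch grants, zero access by default, readonly never sufficing for a push, and a short-lived token that stops working once its --expire window has passed. The Grant and ServiceAccount shapes, the REPO/ISSUED constants and the grant list are constructed assumptions.

```python
import re
import time
from dataclasses import dataclass, field

@dataclass
class Grant:                 # assumed shape, not Oak's own data model
    repo: str
    branch_pattern: str      # exact branch name or a regex such as "feat/css-.*"
    access: str              # "readonly" or "readwrite"

@dataclass
class ServiceAccount:
    sa_id: str
    expires_at: float        # unix time, set from --expire when the token is minted
    grants: list = field(default_factory=list)

def branch_matches(pattern, branch):
    # fullmatch anchors the regex: "feat/css-.*" matches "feat/css-grid", not "release/feat/css-grid"
    return branch == pattern or re.fullmatch(pattern, branch) is not None

def access_for(sa, repo, ref):
    """Effective access for one ref; None means no grant (zero by default)."""
    if not ref.startswith("refs/heads/"):
        return None                      # only branches can be granted here
    branch = ref[len("refs/heads/"):]
    level = None
    for g in sa.grants:
        if g.repo == repo and branch_matches(g.branch_pattern, branch):
            if g.access == "readwrite":
                return "readwrite"       # the strongest matching grant wins
            level = "readonly"
    return level

def authorize_push(sa, repo, refs, now=None):
    """Allow a push only if the token is unexpired and every ref is readwrite.
    Returns (allowed, denied_refs) so the proxy can list what was refused."""
    now = time.time() if now is None else now
    if now >= sa.expires_at:
        return False, list(refs)         # expired token: deny everything
    denied = [r for r in refs if access_for(sa, repo, r) != "readwrite"]
    return not denied, denied

# Constructed sample mirroring the walkthrough: minted at ISSUED with --expire 1d.
REPO = "bigco-biz/monorepo"
ISSUED = 1_700_000_000
yaml_engineer = ServiceAccount("abc123", ISSUED + 86400, [
    Grant(REPO, "chore/update-replicas", "readwrite"),
    Grant(REPO, "main", "readonly"),
    Grant(REPO, r"feat/css-.*", "readwrite"),
])
```

Calling authorize_push with the sample account at ISSUED allows refs/heads/chore/update-replicas and refuses refs/heads/main, exactly the two outcomes in the walkthrough; one day later the same push is refused because the token has expired.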