Airlock Antigravity Enforcer

Airlock Antigravity Enforcer

Open-source reference sample for intercepting AI actions in Google Antigravity — adapt for your enterprise Gateway deployment

VS Code Marketplace Open VSX Registry GitHub
Reference sample, not a consumer install guide. Source lives on GitHub. Configure the integration against your organization's Gateway at https://<your-gateway-host> and identity at https://<your-auth-host>/realms/<your-realm>.

Prerequisites

  • VS Code with Google Antigravity extension installed
  • Deployed Airlock Gateway and identity provider for your organization
  • Mobile Approver distributed to reviewers via your organization's channel (MDM or internal app catalog)

Getting Started

  1. 1

    Install the Extension

    In VS Code, open the Extensions panel (Ctrl+Shift+X / Cmd+Shift+X), search for Airlock Enforcer, and install Airlock Antigravity Enforcer.

  2. 2

    Sign In

    Open the Command Palette (Ctrl+Shift+P / Cmd+Shift+P) and run Airlock: Sign In. Authenticate with your organization's identity provider.

  3. 3

    Pair with Mobile Approver

    Run Airlock: Start Mobile Pairing from the Command Palette. A QR code will be displayed. On the Mobile Approver, go to Settings → Pair Another Workspace, scan the QR code or enter the pairing code manually.

  4. 4

    Enable Auto Mode

    Run Airlock: Enable Auto Mode to start intercepting AI actions. All Antigravity commands will now require approver sign-off via the Mobile Approver.

Extension Commands

Command Description
Airlock: Sign InAuthenticate with the Gateway
Airlock: Sign OutClear authentication
Airlock: Start Mobile PairingPair with the Mobile Approver (QR code)
Airlock: Unpair Mobile ApproverRemove paired device
Airlock: Enable Auto ModeStart automatic approval gating
Airlock: Disable Auto ModeStop gating
Airlock: Show StatusShow current endpoint, enforcer ID, pairing state

Antigravity-Specific Notes

CDP Interception: The Antigravity enforcer uses Chrome DevTools Protocol (CDP) to intercept AI actions at the browser level. This provides deep integration with the Antigravity agent's execution pipeline.

How It Works

The Airlock Antigravity Enforcer intercepts all AI-generated terminal commands and file mutations. Each action is encrypted with AES-256-GCM and submitted to the Gateway. Your Mobile Approver receives a push notification — you review the action and sign your decision with Ed25519. The enforcer verifies the signature locally before allowing execution.

Security model: The enforcer operates in fail-closed mode. If the gateway is unreachable, the signature is invalid, or the request times out — the action is blocked. No exceptions.

← All Docs Back to Airlock