We're solving this with two different tracks for Vibed stuff and Actual Code.

Vibed stuff can do whatever it wants, with some basic CI checks and Agent instructions

BUT if any of that crosses specific thresholds (writes to dangerous APIs, reads from unvetted sources, is deployed on the public internet), an actual developer MUST review the code - with the associated costs billed to the creator's BU.

Works fine, zero projects have been made public yet, but we have a bunch of Vibed internal tools in use that can't be accessed outside our internal network (or VPN) that are actually helping people do their work more efficiently.