OpenSource-Hub

agent-governance-toolkit

라이브러리

microsoft/agent-governance-toolkit

자율 AI 에이전트의 전략 실행 및 보안 도구 키트

개요

AI 에이전트를 위한 결정론적 정책 실행, 제로 트러스트 신원 및 실행 샌드박스를 제공하며, 모든 OWASP Agentic Top 10 위험을 포괄하고, 모든 프레임워크와 통합 가능하며 감사 로그를 포함합니다.

README 미리보기

🌍 [English](/README.md) | [日本語](./docs/i18n/README.ja.md) | [简体中文](./docs/i18n/README.zh-CN.md) | [한국어](./docs/i18n/README.ko.md)\n\n\n\n# Agent Governance Toolkit\n\n### Ship agents to production without losing sleep\n\n\n  \n    \n  \n\n\n\n  \n    🚀 Quick Start ·\n    📋 Specifications ·\n    📦 PyPI ·\n    📝 Changelog\n  \n\n\n[](https://github.com/microsoft/agent-governance-toolkit/actions/workflows/ci.yml)\n[](LICENSE)\n[](https://pypi.org/project/agent-governance-toolkit/)\n[](https://www.npmjs.com/package/@microsoft/agent-governance-sdk)\n[](https://www.nuget.org/packages/Microsoft.AgentGovernance)\n[](https://scorecard.dev/viewer/?uri=github.com/microsoft/agent-governance-toolkit)\n[](https://www.bestpractices.dev/projects/12085)\n[](docs/compliance/owasp-agentic-top10-architecture.md)\n\n> [!IMPORTANT]\n> **Public Preview** -- production-quality, Microsoft-signed releases. May have breaking changes before GA.\n\nPolicy enforcement, identity, sandboxing, and SRE for autonomous AI agents. One `pip install`, any framework.\n\n---\n\n## The Problem\n\nYour AI agents call tools, browse the web, query databases, and delegate to other agents. Once deployed, they make decisions autonomously. You need answers to three questions:\n\n**1. Is this action allowed?** An agent with access to `send_email` and `query_database` should not be able to `drop_table`. OAuth scopes and IAM roles control which services an agent can reach, not what it does once connected.\n\n**2. Which agent did this?** In a multi-agent system, five agents might share a single API key. When something goes wrong, "an agent did it" is not an incident response.\n\n**3. Can you prove what happened?** Auditors and regulators need tamper-evident records of every decision: what policy was active, what the agent requested, and why it was allowed or denied.\n\nPrompt-level safety ("please follow the rules") is not a control surface. It is a polite request to a stochastic system. [OWASP LLM01:2025](https:

FAQ (1)

문제 해결
CI에서 에이전트-os 거버넌스 패리티와 어댑터 계약 테스트가 소프트 실패에 가려지지 않고 하드 실패되도록 만드는 방법은?

GitHub Actions 워크플로우(.github/workflows/ci.yml)에 agent-os 매트릭스 패키지를 위한 전용 적합성 검증 단계를 추가합니다. 기존의 소프트 실패 테스트 단계(pytest tests/ ... || true) 앞에 배치하고 if: matrix.package == 'agent-os'로 보호합니다. || true 없이 pytest tests/test_governance_parity.py tests/test_spec_adapter_contract_conformance.py만 실행합니다. 이는 다른 광범위한 테스트 스위트를 변경하지 않고 이러한 특정 검사를 적용합니다. 브랜치 보호가 이 단계를 요구하도록 합니다.

원본 Issue #2695