u/Inevitable_Lawyer477

Hey folks,

Microsoft just released the Agent Governance Toolkit (AGT) under the Microsoft organization with an MIT license to address runtime security and policy enforcement for AI agents.

Has anyone started testing it or using it? It seems somewhat disjointed from their Agent365 and other offerings.

Here is a quick (AI generated) breakdown at a high level:

🔍 What is it?

It is a multi-language (Python, TypeScript, Rust, Go, .NET) toolkit designed as a layer for **action governance**. It intercepts agent actions and tool calls **before** they execute, evaluating them against security policies.

🛡️ Core Highlights

  • **Covers All 10 OWASP Agentic AI Risks:** It includes tools to counter threats like goal hijacking, memory poisoning, and data exfiltration (e.g., using a semantic intent classifier and cross-model verification kernels).
  • **Sub-Millisecond Latency:** Designed with a stateless policy engine that runs with less than 0.1ms p99 latency overhead.
  • **Framework Agnostic:** It hooks natively into existing agent pipelines without requiring rewrites. Integrations work with LangChain, CrewAI, and the Microsoft Agent Framework.
  • **Compliance Ready:** Designed to help teams meet upcoming regulatory frameworks like the EU AI Act and Colorado AI Act with out-of-the-box audit trails and risk management support.

📦 Packages at a Glance

The system is composed of several core packages to govern different layers:

  • **Agent OS:** Stateless, sub-millisecond policy evaluation.
  • **Agent Mesh:** Cryptographic identity, trust scores, and agent-to-agent communication controls.
  • **Agent Runtime:** Privilege separation and emergency kill switches.
  • **SRE & Compliance:** Audit logging, compliance guardrails, and error analysis.

🔗 Links:

u/Inevitable_Lawyer477 — 1 month ago
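The pre-execution interception pattern the post describes (intercept a tool call, evaluate it against a stateless policy, allow or deny, append an audit record, honour an emergency kill switch), as an added illustrative example that is not AGT's own code; the `Governor` class, rule names, per-agent tool allow-lists and the secret-shaped sample payload are assumptions constructed for this example.

```python
"""Illustrative pre-execution policy gate for agent tool calls.

Added example, not the toolkit's own API: it models the pattern described
in the post. All names, rules and sample values are constructed.
"""
from dataclasses import dataclass, field
from typing import Any, Callable
import json
import re
import time


@dataclass(frozen=True)
class ToolCall:
    agent_id: str
    tool: str
    args: dict


class Governor:
    # Constructed detector for secret-shaped strings (AWS-style key id, PEM key)
    SECRET_RE = re.compile(r"(AKIA[0-9A-Z]{16}|-----BEGIN [A-Z ]*PRIVATE KEY-----)")
    OUTBOUND_TOOLS = {"http_post", "send_email"}  # tools that move data off-host

    def __init__(self, allowed_tools: dict):
        # Least privilege: agent_id -> set of tools it may call (assumed config)
        self.allowed_tools = allowed_tools
        self.audit_log: list = []
        self.kill_switch = False  # emergency stop: deny everything when set

    def evaluate(self, call: ToolCall) -> tuple:
        """Stateless decision: depends only on the call and static config."""
        if self.kill_switch:
            return False, "kill_switch_engaged"
        if call.tool not in self.allowed_tools.get(call.agent_id, set()):
            return False, "tool_not_permitted_for_agent"
        # Exfiltration check: outbound tools may not carry secret-shaped payloads
        if call.tool in self.OUTBOUND_TOOLS and self.SECRET_RE.search(json.dumps(call.args)):
            return False, "possible_credential_exfiltration"
        return True, "allowed"

    def guard(self, call: ToolCall, execute: Callable[..., Any]) -> Any:
        """Intercept: decide BEFORE the tool runs, and record the outcome."""
        allowed, reason = self.evaluate(call)
        self.audit_log.append({"ts": time.time(), "agent": call.agent_id, "tool": call.tool,
                               "decision": "allow" if allowed else "deny", "reason": reason})
        if not allowed:
            raise PermissionError(f"{call.tool} denied: {reason}")
        return execute(**call.args)
```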