The Agent Governance Toolkit (AGT) gives you deterministic control over autonomous AI agents. Every tool call, message send, and agent delegation is intercepted and evaluated against policy before it reaches the wire — making policy violations structurally impossible, not just unlikely.

Quickstart

Go from zero to governed agents in under 5 minutes.

How It Works

Understand the architecture: policy engine, identity, sandboxing, and audit.

Policy Engine

Write YAML rules that allow, deny, or escalate any agent action.

Framework Integrations

LangChain, CrewAI, AutoGen, OpenAI Agents SDK, Semantic Kernel, and more.

Why AGT?

Prompt-level safety is a polite request to a stochastic system. OWASP LLM01:2025 states there are no fool-proof prompt-injection defenses. Adaptive attacks achieve 100% success rates against GPT-4o and Claude 3 under benchmark conditions. AGT does not fight that battle inside the prompt. It intercepts every action in deterministic application code before the model’s intent reaches the wire. Actions the AGT policy engine denies are not “unlikely” — they are structurally impossible.

< 0.1ms p99

Governance latency on the policy hot path — adds no perceptible overhead.

10 / 10 OWASP

All OWASP Agentic AI Top 10 risk categories covered with deterministic controls.

5 Languages

Python, TypeScript, .NET, Rust, and Go — consistent governance APIs across all.

Get started in two lines

from agentmesh.governance import govern

safe_tool = govern(my_tool, policy="policy.yaml")   # every call checked, logged, enforced

safe_tool evaluates your YAML policy on every invocation, writes an audit entry, and raises GovernanceDenied if the action is blocked. No framework changes required.

1. Install the toolkit

pip install "agent-governance-toolkit[full]"

TypeScript, .NET, Rust, and Go packages are also available — see Installation.

2. Write a policy

Create policy.yaml with allow/deny rules for your agent’s tool calls. Start with a permissive default and add deny rules for dangerous operations.

3. Wrap your tools

Call govern(my_tool, policy="policy.yaml") on every tool function your agent can invoke. That’s all the integration required.

4. Verify compliance

Run agt verify to generate an OWASP Agentic Top 10 compliance attestation for your deployment.
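
The wrap-and-enforce pattern from the steps above, as an added sketch that is not the toolkit's own code. `govern_sketch`, `Denied`, the dict-shaped policy and the stub `send_email` tool are assumptions made for illustration; the real `govern` and the YAML schema may differ.

```python
import fnmatch
import functools
import json

class Denied(Exception):
    """Hypothetical stand-in for the GovernanceDenied error the page mentions."""

# Constructed policy: permissive default plus deny rules, as step 2 suggests.
# This dict shape is an assumption, not the toolkit's YAML schema.
POLICY = {
    "default": "allow",
    "rules": [  # evaluated top to bottom, first match wins
        {"tool": "delete_file", "arg": "path", "pattern": "*", "effect": "deny"},
        {"tool": "send_email", "arg": "to", "pattern": "*@example.com", "effect": "allow"},
        {"tool": "send_email", "arg": "to", "pattern": "*", "effect": "deny"},
    ],
}
AUDIT_LOG = []  # in-memory for the example only

def decide(policy, tool, kwargs):
    """Return the effect of the first matching rule, else the policy default."""
    for rule in policy["rules"]:
        value = str(kwargs.get(rule["arg"], "")).lower()
        if rule["tool"] == tool and fnmatch.fnmatchcase(value, rule["pattern"]):
            return rule["effect"]
    return policy["default"]

def govern_sketch(tool_fn, policy):
    """Wrap tool_fn so the decision and audit entry precede the tool body."""
    @functools.wraps(tool_fn)
    def wrapper(**kwargs):
        effect = decide(policy, tool_fn.__name__, kwargs)
        AUDIT_LOG.append(json.dumps(
            {"tool": tool_fn.__name__, "args": kwargs, "effect": effect}, default=str))
        if effect != "allow":  # anything other than an explicit allow is blocked
            raise Denied(f"{tool_fn.__name__} blocked by policy")
        return tool_fn(**kwargs)
    return wrapper

SENT = []  # constructed side effect so a caller can confirm the body never ran

def send_email(to, body):
    SENT.append(to)  # stub tool: records the recipient instead of sending
    return "sent"

safe_send_email = govern_sketch(send_email, POLICY)
```

With `"default": "allow"`, a tool that no rule names is permitted; setting the default to `"deny"` makes unlisted tools fail closed.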

Explore the documentation

Core Concepts

Deep-dives into the policy engine, zero-trust identity, execution rings, and audit trails.

Guides

Step-by-step guides for framework integrations, MCP security, SRE, and deployment.

Compliance

OWASP, NIST AI RMF, EU AI Act, and SOC 2 coverage maps with automated evidence.

API Reference

Full API docs for the Python, TypeScript, .NET, Rust, and Go SDKs.

CLI Reference

agt command reference: verify, doctor, red-team scan, lint-policy, and more.

FAQ

Answers to common questions about architecture, integrations, and security boundaries.
