All five AGT language SDKs implement the same four governance primitives — policy evaluation, agent identity, trust scoring, and tamper-evident audit logging — so teams can enforce the same governance rules whether they’re building in Python, TypeScript, .NET, Rust, or Go. Policy YAML files work identically across all SDKs. The Python package has the full stack; the other four SDKs cover the core governance surface needed to build production agents.
Core Governance Primitives
| Primitive | Python | TypeScript | .NET | Rust | Go |
|---|---|---|---|---|---|
| Policy evaluation | PolicyEvaluator | PolicyEngine | PolicyEngine | PolicyEngine | PolicyEngine |
| Agent identity | AgentIdentity | AgentIdentity | AgentIdentity | AgentIdentity | AgentIdentity |
| Trust scoring | TrustEngine | TrustManager | FileTrustStore | TrustEngine | TrustManager |
| Audit logging | AuditLogger | AuditLogger | AuditLogger | AuditLogger | AuditLogger |
SDK Examples
Install

```bash
npm install @microsoft/agent-governance-sdk
```
Prerequisites: Node.js ≥ 18, TypeScript ≥ 5.4. The package has two runtime dependencies: @noble/ed25519 for cryptography and js-yaml for YAML policy parsing.

PolicyEngine

```typescript
import { PolicyEngine } from "@microsoft/agent-governance-sdk";

const engine = new PolicyEngine([
  { action: "data.read", effect: "allow" },
  { action: "data.write", effect: "deny" },
]);

engine.evaluate("data.read"); // "allow"
engine.evaluate("data.write"); // "deny"
engine.evaluate("data.delete"); // "deny" — default when no rule matches
```
Load rich YAML policies with expressions, rate limits, and conflict resolution:

```typescript
const engine = new PolicyEngine();
await engine.loadFromYAML("./policies/production.yaml");

const result = engine.evaluatePolicy(
  "did:agentmesh:analytics-agent:abc123",
  { user: { role: "admin" }, action: "data.write" }
);
console.log(result.allowed); // true
console.log(result.matchedRule); // "admin-full-access"
```
AgentIdentity (Ed25519 DIDs)

```typescript
import { AgentIdentity } from "@microsoft/agent-governance-sdk";

const agent = AgentIdentity.generate("sales-assistant", ["crm.read", "email.send"], {
  organization: "Contoso",
  sponsor: "alice@contoso.com",
});
console.log(agent.did); // did:agentmesh:sales-assistant:<fingerprint>

// Sign and verify
const message = new TextEncoder().encode("Transfer $500 to account 1234");
const signature = agent.sign(message);
console.log(agent.verify(message, signature)); // true

// Delegate with narrowed capabilities
const child = agent.delegate("data-worker", ["crm.read"]);
console.log(child.parentDid); // parent's DID
console.log(child.delegationDepth); // 1
```
AuditLogger (Hash-chain)

```typescript
import { AuditLogger } from "@microsoft/agent-governance-sdk";

const logger = new AuditLogger();
logger.log({ agentId: "agent-1", action: "data.read", decision: "allow" });
logger.log({ agentId: "agent-1", action: "data.write", decision: "deny" });
console.log(logger.verify()); // true — chain is intact
const json = logger.exportJSON();
```
Unified AgentMeshClient

```typescript
import { AgentMeshClient } from "@microsoft/agent-governance-sdk";

const client = AgentMeshClient.create("my-agent", {
  capabilities: ["data.read", "data.write"],
  policyRules: [
    { action: "data.read", effect: "allow" },
    { action: "*", effect: "deny" },
  ],
});

const result = await client.executeWithGovernance("data.read");
console.log(result.decision); // "allow"
console.log(result.trustScore); // { overall: 0.5, tier: "Provisional", ... }
console.log(result.auditEntry); // { hash: "3a7f...", previousHash: "0000...", ... }
```
Install

```bash
dotnet add package Microsoft.AgentGovernance
```

For MCP server integration:

```bash
dotnet add package Microsoft.AgentGovernance.Extensions.ModelContextProtocol
```
Prerequisites: .NET 8+. Single dependency: YamlDotNet.

GovernanceKernel (main entry point)

```csharp
using AgentGovernance;
using AgentGovernance.Policy;

var kernel = new GovernanceKernel(new GovernanceOptions
{
    PolicyPaths = new() { "policies/default.yaml" },
    ConflictStrategy = ConflictResolutionStrategy.DenyOverrides,
    EnablePromptInjectionDetection = true,
    EnableCircuitBreaker = true,
});

var result = kernel.EvaluateToolCall(
    agentId: "did:mesh:agent-1",
    toolName: "web_search",
    args: new() { ["query"] = "latest AI news" }
);

if (!result.Allowed)
    Console.WriteLine($"Blocked: {result.Reason}");
```
PolicyEngine

```csharp
using AgentGovernance.Policy;

var engine = new PolicyEngine
{
    ConflictStrategy = ConflictResolutionStrategy.DenyOverrides
};
engine.LoadYamlFile("policies/security.yaml");

var decision = engine.Evaluate(
    agentDid: "did:mesh:agent-001",
    context: new Dictionary<string, object>
    {
        ["tool_name"] = "database_write",
        ["risk_score"] = 0.9
    }
);
Console.WriteLine($"Allowed: {decision.Allowed}"); // false
Console.WriteLine($"Rule: {decision.MatchedRule}"); // "block-dangerous"
```
AgentIdentity

```csharp
using AgentGovernance.Trust;

var identity = AgentIdentity.Create("research-assistant");
Console.WriteLine(identity.Did); // "did:mesh:a7f3b2c1..."

// Sign and verify
byte[] signature = identity.Sign("important governance data");
bool valid = identity.Verify(
    System.Text.Encoding.UTF8.GetBytes("important governance data"),
    signature
);
Console.WriteLine(valid); // true
```
MCP Server integration

```csharp
using AgentGovernance.Extensions.ModelContextProtocol;

builder.Services.AddMcpServer()
    .WithGovernance(options => options.PolicyPaths.Add("policies/mcp.yaml"));
```
Install

Or add to Cargo.toml:

```toml
[dependencies]
agentmesh = "3"
```
Prerequisites: Rust 1.75+ (2021 edition). Dependencies: serde, serde_yaml, sha2, ed25519-dalek, thiserror.

AgentMeshClient

```rust
use agentmesh::{AgentMeshClient, ClientOptions};

let client = AgentMeshClient::with_options("analyst-001", ClientOptions {
    capabilities: vec!["data.read".into(), "data.write".into()],
    policy_yaml: Some(std::fs::read_to_string("policies/security.yaml")?),
    trust_config: None,
})?;

let result = client.execute_with_governance("data.read", None);
println!("Allowed: {}", result.allowed); // true
println!("Trust: {}", result.trust_score.score);
println!("Audit hash: {}", result.audit_entry.hash);
```
PolicyEngine

```rust
use agentmesh::PolicyEngine;

let engine = PolicyEngine::new();
engine.load_from_yaml(r#"
version: "1.0"
agent: my-agent
policies:
  - name: data-access
    type: capability
    allowed_actions:
      - "data.read"
      - "data.write"
    denied_actions:
      - "shell:*"
"#)?;

let decision = engine.evaluate("data.read", None);
assert_eq!(decision, PolicyDecision::Allow);

let decision = engine.evaluate("shell:rm", None);
assert!(matches!(decision, PolicyDecision::Deny(_)));
```
AgentIdentity (Ed25519)

```rust
use agentmesh::AgentIdentity;

let identity = AgentIdentity::generate(
    "researcher-agent",
    vec!["data.read".into(), "search".into()],
)?;
println!("DID: {}", identity.did); // did:agentmesh:researcher-agent

let data = b"important message";
let signature = identity.sign(data)?;
assert!(identity.verify(data, &signature));
```
AuditLogger

```rust
use agentmesh::AuditLogger;

let logger = AuditLogger::new();
logger.log("agent-001", "data.read", "allow");
logger.log("agent-001", "shell:rm", "deny");
assert!(logger.verify()); // chain is intact

let entries = logger.entries();
assert_eq!(entries[1].previous_hash, entries[0].hash);
```
Install

```bash
go get github.com/microsoft/agent-governance-toolkit/agent-governance-golang
```
Prerequisites: Go 1.25+. Single external dependency: gopkg.in/yaml.v3.

AgentMeshClient

```go
package main

import (
	"fmt"

	agentmesh "github.com/microsoft/agent-governance-toolkit/agent-governance-golang"
)

func main() {
	client, err := agentmesh.NewClient("my-agent",
		agentmesh.WithCapabilities([]string{"data.read", "data.write"}),
		agentmesh.WithPolicyRules([]agentmesh.PolicyRule{
			{Action: "data.read", Effect: agentmesh.Allow},
			{Action: "data.write", Effect: agentmesh.Allow},
			{Action: "*", Effect: agentmesh.Deny},
		}),
	)
	if err != nil {
		panic(err)
	}

	result, _ := client.ExecuteWithGovernance("data.read", nil)
	fmt.Println("Allowed:", result.Allowed) // true
	fmt.Println("Trust:", result.TrustScore.Overall)
	fmt.Println("Hash:", result.AuditEntry.Hash)
}
```
PolicyEngine

```go
rules := []agentmesh.PolicyRule{
	{Action: "data.read", Effect: agentmesh.Allow},
	{Action: "data.write", Effect: agentmesh.Allow},
	{Action: "deploy.*", Effect: agentmesh.Review},
	{Action: "shell.*", Effect: agentmesh.Deny},
	{Action: "*", Effect: agentmesh.Deny},
}
engine := agentmesh.NewPolicyEngine(rules)
fmt.Println(engine.Evaluate("data.read", nil))  // allow
fmt.Println(engine.Evaluate("shell.exec", nil)) // deny

// Load from YAML file
engine2 := agentmesh.NewPolicyEngine(nil)
engine2.LoadFromYAML("policies/governance.yaml")
```
AgentIdentity (Ed25519)

```go
identity, _ := agentmesh.GenerateIdentity(
	"researcher-agent",
	[]string{"data.read", "search"},
)
fmt.Println("DID:", identity.DID) // did:agentmesh:researcher-agent

data := []byte("important message")
signature, _ := identity.Sign(data)
fmt.Println("Valid:", identity.Verify(data, signature)) // true
```
AuditLogger

```go
logger := agentmesh.NewAuditLogger()
logger.Log("agent-1", "data.read", agentmesh.Allow)
logger.Log("agent-1", "data.write", agentmesh.Deny)
fmt.Println(logger.Verify()) // true
jsonStr, _ := logger.ExportJSON()
```
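
What a hash-chained audit log of the kind the AuditLogger examples verify looks like underneath, as an added example that is not the toolkit's own code. The `Entry` fields, the all-zero genesis value and the SHA-256 field encoding are assumptions chosen for illustration.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// Entry is a constructed audit record; field names are assumptions, not the SDK's types.
type Entry struct{ AgentID, Action, Decision, PreviousHash, Hash string }

var genesis = strings.Repeat("0", 64) // assumed previous-hash for the first entry

// digest binds an entry's fields to the previous hash; length prefixes keep fields unambiguous.
func digest(e Entry) string {
	h := sha256.New()
	for _, f := range []string{e.PreviousHash, e.AgentID, e.Action, e.Decision} {
		fmt.Fprintf(h, "%d:%s|", len(f), f)
	}
	return hex.EncodeToString(h.Sum(nil))
}

// Append links a new entry to the current tail of the log.
func Append(log []Entry, agentID, action, decision string) []Entry {
	prev := genesis
	if len(log) > 0 {
		prev = log[len(log)-1].Hash
	}
	e := Entry{AgentID: agentID, Action: action, Decision: decision, PreviousHash: prev}
	e.Hash = digest(e)
	return append(log, e)
}

// Verify returns the index of the first entry that breaks the chain, or -1 if none does.
func Verify(log []Entry) int {
	prev := genesis
	for i, e := range log {
		if e.PreviousHash != prev || e.Hash != digest(e) {
			return i
		}
		prev = e.Hash
	}
	return -1
}

func main() {
	log := Append(Append(nil, "agent-1", "data.read", "allow"), "agent-1", "data.write", "deny")
	log[1].Decision = "allow" // constructed tampering: flip a recorded decision
	fmt.Println("first broken entry:", Verify(log))
}
```

A chain like this detects edits to stored entries, but anyone able to rewrite the whole log can recompute every hash, and dropping entries from the tail leaves a shorter chain that still verifies. The latest hash therefore needs to be signed or anchored somewhere outside the log.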
Capability Matrix
| Capability | Python | TypeScript | .NET | Rust | Go |
|---|---|---|---|---|---|
| Policy Engine | ✅ | ✅ | ✅ | ✅ | ✅ |
| Identity & Auth | ✅ | ✅ | ◑ | ✅ | ✅ |
| Trust Scoring | ✅ | ✅ | ✅ | ✅ | ✅ |
| Audit Logging | ✅ | ✅ | ✅ | ✅ | ✅ |
| MCP Security | ✅ | ✅ | ✅ | ✅ | ✅ |
| Execution Rings | ✅ | ✅ | ✅ | ✅ | ✅ |
| SRE / SLOs | ✅ | ✅ | ✅ | ✅ | ✅ |
| Kill Switch | ✅ | ✅ | ✅ | ✅ | ✅ |
| Lifecycle Management | ✅ | ✅ | ✅ | ✅ | ✅ |
| Framework Integrations | ✅ | ✅ | ✅ | ✅ | ✅ |
| Shadow AI Discovery | ✅ | ✅ | ✅ | ✅ | ✅ |
| Prompt Defense Evaluator | ✅ | ✅ | ✅ | ✅ | ✅ |
| Unified CLI (agt) | ✅ | — | — | — | — |
| Governance Dashboard | ✅ | — | — | — | — |
Legend: ✅ Implemented · ◑ Partial · — Not yet available
.NET is marked partial for Identity & Auth parity because it now supports stronger native asymmetric identity flows (ECDSA P-256) while the other SDKs center on Ed25519-based identity material.
Python-Only Capabilities
Several capabilities are available exclusively in Python today. They represent the full governance stack for enterprise deployments:
| Capability | Package | Description |
|---|---|---|
| Replay Debugging | agent-sre | Deterministic replay of agent sessions |
| Governance Dashboard | demo/ | Real-time fleet visibility (Streamlit) |
| Unified CLI (agt) | agent-compliance | agt verify, agt doctor, agt lint-policy |
| OWASP Verification | agent-compliance | ASI 2026 compliance attestation |
| 20+ Framework Adapters | agentmesh-integrations | LangChain, CrewAI, AutoGen, OpenAI Agents, Google ADK, etc. |
Policy YAML Portability
Policy YAML files work identically across all five SDKs. Write the policy once and load it from any language:

```yaml
# policies/production.yaml — works in Python, TypeScript, .NET, Rust, and Go
version: "1.0"
agent: production-agent
policies:
  - name: data-access
    type: capability
    allowed_actions:
      - "data.read"
      - "data.write"
    denied_actions:
      - "shell:*"
      - "admin.*"
  - name: api-throttle
    type: rate_limit
    actions:
      - "api.*"
    max_calls: 100
    window: "1m"
```

```bash
# Python
pip install agent-governance-toolkit[full]

# TypeScript
npm install @microsoft/agent-governance-sdk

# .NET
dotnet add package Microsoft.AgentGovernance

# Rust
cargo add agentmesh

# Go
go get github.com/microsoft/agent-governance-toolkit/agent-governance-golang
```