Microsoft Agent Governance Toolkit Guide 2026
Evidence notes document the bounded local or source-based checks behind an Effloow article. They are not product endorsements, legal advice, or benchmark claims.
- Slug: microsoft-agent-governance-toolkit-guide-2026
- Track: paper-poc
- Date: 2026-05-06
- Environment: macOS Darwin 24.6.0, Python 3.10+ required
Objective
Verify installability, package structure, policy engine API surface, and framework integration patterns for Microsoft's Agent Governance Toolkit as published on PyPI and GitHub.
Package Verification
PyPI Availability
Confirmed at pypi.org/project/agent_governance_toolkit/:
- Package: `agent_governance_toolkit`
- Install: `pip install agent-governance-toolkit[full]`
- Individual packages also available:
  - `pip install agent-os-kernel` — policy enforcement
  - `pip install agentmesh-platform` — zero-trust identity
  - `pip install agent-sre` — reliability engineering
- Requirements: Python 3.10+, Node.js 18+, or .NET 8.0+ (any one or more)
- License: MIT
GitHub Repository
- Repo: github.com/microsoft/agent-governance-toolkit
- MIT license confirmed via README
- Monorepo with seven independently installable packages
- QUICKSTART.md available at root:
  - `python examples/quickstart.py` (30-line boot)
  - `python examples/governed_agent.py` — full 4-layer example
Architecture: Seven Packages
Confirmed from Microsoft Open Source Blog (April 2, 2026) and GitHub ARCHITECTURE.md:
| Package | Purpose | Install |
|---|---|---|
| agent-os-kernel | Stateless policy engine, <0.1ms p99 latency | pip install agent-os-kernel |
| agentmesh-platform | Zero-trust identity (DID + Ed25519 signing) | pip install agentmesh-platform |
| agent-runtime | Execution rings, saga orchestration, kill switch | included in [full] |
| agent-compliance | Regulatory grading (EU AI Act, HIPAA, SOC2) | pip install agent-compliance |
| agent-marketplace | Plugin lifecycle, supply-chain security | included in [full] |
| agent-lightning | RL training governance | included in [full] |
| agent-sre | Reliability engineering | pip install agent-sre |
Policy API Surface (from GitHub docs/tutorials/01-policy-engine.md)
```python
from agent_governance import PolicyEngine, GovernanceCallbackHandler

# YAML-based policy
policy_engine = PolicyEngine.from_yaml("governance-policies.yaml")

# LangChain callback handler pattern
# (create_react_agent, llm and tools come from the surrounding LangChain setup, not shown here)
agent = create_react_agent(
    llm=llm,
    tools=tools,
    callbacks=[GovernanceCallbackHandler(policy_engine)]
)
```
Policy languages supported: YAML rules (simple), OPA Rego (complex conditional), Cedar (attribute-based).
```yaml
# Example governance-policies.yaml (from official docs)
version: "1.0"
policies:
  - id: block-pii-exfiltration
    action: tool_call
    condition: "tool.name in ['send_email', 'post_slack'] and 'SSN' in args.body"
    effect: DENY
    reason: "PII exfiltration blocked"
  - id: require-human-approval
    action: file_write
    condition: "file.path startswith '/etc/' or file.path startswith '/var/'"
    effect: HUMAN_APPROVAL_REQUIRED
    timeout_seconds: 300
```
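The two rules above match on a literal substring (`'SSN' in args.body`) and a raw path prefix (`startswith '/etc/'`), so a policy author will want test cases whose form differs from the literal text. The following is an added example, not code from the toolkit or from the original note: a stand-alone Python model of the two rules that does not call `agent_governance`, since how the toolkit itself evaluates these conditions is not covered here. The function names, the SSN regex, the `/work` working directory and the sample events are all assumptions made for illustration.

```python
"""Stand-alone model of the two YAML rules; does not use agent_governance."""
import posixpath
import re

OUTBOUND_TOOLS = {"send_email", "post_slack"}       # from block-pii-exfiltration
SENSITIVE_PREFIXES = ("/etc/", "/var/")             # from require-human-approval
SSN_SHAPE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")    # assumption: US SSN layout


def literal_path_rule(path: str) -> bool:
    """The condition exactly as written in the YAML: a raw prefix test."""
    return path.startswith("/etc/") or path.startswith("/var/")


def canonical(path: str, cwd: str = "/work") -> str:
    """Lexically resolve '.', '..' and repeated slashes (symlinks are not followed)."""
    joined = posixpath.normpath(posixpath.join(cwd, path))
    return "/" + joined.lstrip("/")


def decide(event: dict) -> str:
    """Return DENY, HUMAN_APPROVAL_REQUIRED or ALLOW for one event."""
    if event["action"] == "tool_call" and event["tool"] in OUTBOUND_TOOLS:
        body = event["args"].get("body", "")
        # Match the marker word from the rule, or a value with the SSN layout.
        if "SSN" in body or SSN_SHAPE.search(body):
            return "DENY"
    if event["action"] == "file_write":
        # Trailing slash makes "/etc" itself match "/etc/" but not "/etcetera".
        if (canonical(event["path"]) + "/").startswith(SENSITIVE_PREFIXES):
            return "HUMAN_APPROVAL_REQUIRED"
    return "ALLOW"


# Constructed sample events (not taken from the toolkit or its docs).
SAMPLES = [
    {"action": "tool_call", "tool": "send_email", "args": {"body": "SSN: 078-05-1120"}},
    {"action": "tool_call", "tool": "post_slack", "args": {"body": "id 078-05-1120"}},
    {"action": "file_write", "path": "/etc/hosts"},
    {"action": "file_write", "path": "/tmp/../etc/hosts"},
    {"action": "file_write", "path": "/etcetera/readme"},
    {"action": "file_write", "path": "notes.txt"},
]

if __name__ == "__main__":
    for ev in SAMPLES:
        print(decide(ev), ev)
```

Normalization here is lexical only; on the enforcing host, resolving symlinks (for example with `os.path.realpath`) before the prefix test covers the remaining case.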
CrewAI Integration Pattern
```python
from agent_governance import PolicyEngine
from agent_governance.integrations.crewai import GovernanceTaskDecorator

policy_engine = PolicyEngine.from_yaml("governance-policies.yaml")

@GovernanceTaskDecorator(policy_engine)
def research_task(agent, context):
    return agent.execute(context)
```
Performance Figures (from Microsoft Open Source Blog)
- Policy enforcement latency: <0.1ms p99 (sub-millisecond)
- Comparison: ~10,000× faster than a typical LLM API call (~1000ms)
- OWASP Agentic AI Top 10: all 10 risks addressed (first toolkit to do so)
Regulatory Compliance Mappings (from GitHub docs/compliance/eu-ai-act-checklist.md)
- EU AI Act high-risk obligations: enforcement August 2026
- Colorado AI Act: enforcement June 2026 (currently under legislative revision as of May 2026)
- HIPAA: logs map to audit trail requirements
- SOC2: policy enforcement maps to CC6.1, CC7.1 controls
Limitations
- Live install was not performed in sandbox (no Python 3.10+ sandbox available in this run). All package names, API surfaces, and code patterns are sourced from PyPI, GitHub, and official Microsoft blog posts (April 2, 2026).
- The `agent_governance_toolkit` PyPI page was confirmed accessible at research time.
- Code examples sourced from GitHub tutorials — not executed or verified for runtime correctness.
- `agent-lightning` (RL governance) documentation is sparse as of April 2026; not covered in depth.
Sources
- Microsoft Open Source Blog: https://opensource.microsoft.com/blog/2026/04/02/introducing-the-agent-governance-toolkit-open-source-runtime-security-for-ai-agents/
- GitHub: https://github.com/microsoft/agent-governance-toolkit
- PyPI: https://pypi.org/project/agent_governance_toolkit/
- Microsoft Tech Community (Architecture Deep Dive): https://techcommunity.microsoft.com/blog/linuxandopensourceblog/agent-governance-toolkit-architecture-deep-dive-policy-engines-trust-and-sre-for/4510105
- Microsoft Tech Community (App Service): https://techcommunity.microsoft.com/blog/appsonazureblog/govern-ai-agents-on-app-service-with-the-microsoft-agent-governance-toolkit/4510962
- Help Net Security: https://www.helpnetsecurity.com/2026/04/03/microsoft-ai-agent-governance-toolkit/
- InfoWorld: https://www.infoworld.com/article/4155591/microsofts-new-agent-governance-toolkit-targets-top-owasp-risks-for-ai-agents.html
This note supports the public article and records what was actually checked.