Microsoft · 2026-04-02 · major
Microsoft Agent Governance Toolkit — Runtime Security for AI Agents
Microsoft open-sources a runtime security toolkit for AI agents that addresses all 10 OWASP Agentic AI risks with sub-millisecond policy enforcement, zero-trust identity, and execution sandboxing. MIT licensed with 1k+ stars.
The first open-source toolkit to address all 10 OWASP Agentic AI security risks with deterministic policy enforcement.
What is it?
The Agent Governance Toolkit is Microsoft's open-source runtime security framework for autonomous AI agents. It provides seven packages: Agent OS (policy engine), Agent Mesh (cryptographic identity), Agent Runtime (execution sandboxing), Agent SRE (observability), Agent Compliance (regulatory mapping), Agent Marketplace (plugin lifecycle), and Agent Lightning (RL governance).
How does it work?
The toolkit intercepts agent actions at sub-millisecond latency (0.012ms per rule) and evaluates them against policies written in YAML, OPA Rego, or Cedar. It enforces zero-trust identity using Ed25519 and quantum-safe ML-DSA-65 credentials with trust scoring. Execution sandboxing uses 4-tier privilege rings with saga orchestration and kill switches. It integrates with LangChain, CrewAI, AutoGen, and 20+ other frameworks.
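To make the enforcement model concrete, here is a small deny-by-default policy check for agent tool calls. This is an added illustration, not code from the Agent Governance Toolkit: the rule fields, the glob-based tool matching, the four privilege rings and the kill-switch set are all assumptions chosen for the example, and the policy itself is constructed. It shows the three ideas the paragraph above names: every action is intercepted and evaluated deterministically, the agent's privilege ring gates what an allow rule can grant, and a kill switch denies everything for a halted agent.

```python
"""Illustrative deny-by-default policy evaluation for AI agent tool calls.

Added example; NOT code from Microsoft's Agent Governance Toolkit. Rule
format, field names, ring numbering and the sample policy are assumptions.
"""
from dataclasses import dataclass, field
from fnmatch import fnmatchcase
from typing import Any, Dict, List, Optional

# Hypothetical privilege rings, lowest number = most trusted (like CPU rings).
RING_NAMES = {0: "core", 1: "trusted", 2: "standard", 3: "untrusted"}

# Kill switch: agents listed here are denied every action until released.
halted_agents: set = set()


@dataclass
class AgentAction:
    agent_id: str
    ring: int                      # privilege ring the agent currently runs in
    tool: str                      # tool/function the agent wants to invoke
    args: Dict[str, Any] = field(default_factory=dict)


@dataclass
class Rule:
    name: str
    effect: str                    # "allow" or "deny"
    tool_pattern: str              # glob matched against the tool name
    max_ring: int = 3              # allow rules only apply if action.ring <= max_ring
    # For deny rules: argument name -> globs that trigger the denial.
    arg_denylist: Dict[str, List[str]] = field(default_factory=dict)


@dataclass
class Decision:
    allowed: bool
    reason: str
    rule: Optional[str] = None


# Constructed sample policy (not the toolkit's format): denies always win,
# and anything without a matching allow rule is denied by default.
POLICY = [
    Rule("deny-shell-everywhere", "deny", "shell.*"),
    Rule("deny-sensitive-paths", "deny", "fs.read",
         arg_denylist={"path": ["/etc/shadow", "*/.ssh/*", "*.pem"]}),
    Rule("allow-read-ring2", "allow", "fs.read", max_ring=2),
    Rule("allow-http-get-ring3", "allow", "http.get", max_ring=3),
    Rule("allow-write-ring1", "allow", "fs.write", max_ring=1),
]


def halt_agent(agent_id: str) -> None:
    """Engage the kill switch for one agent."""
    halted_agents.add(agent_id)


def _args_hit_denylist(rule: Rule, action: AgentAction) -> bool:
    for arg, patterns in rule.arg_denylist.items():
        value = str(action.args.get(arg, ""))
        if any(fnmatchcase(value, p) for p in patterns):
            return True
    return False


def evaluate(action: AgentAction, policy: List[Rule] = POLICY) -> Decision:
    """Deterministic order: kill switch, then any matching deny, then the
    first matching allow gated by privilege ring, else default deny."""
    if action.agent_id in halted_agents:
        return Decision(False, f"agent {action.agent_id} is halted (kill switch)")

    for rule in policy:                      # pass 1: explicit denies
        if rule.effect != "deny" or not fnmatchcase(action.tool, rule.tool_pattern):
            continue
        if rule.arg_denylist and not _args_hit_denylist(rule, action):
            continue                         # conditional deny did not trigger
        return Decision(False, f"denied by {rule.name}", rule.name)

    for rule in policy:                      # pass 2: allows, ring-gated
        if rule.effect == "allow" and fnmatchcase(action.tool, rule.tool_pattern):
            if action.ring <= rule.max_ring:
                return Decision(True, f"allowed by {rule.name}", rule.name)
            ring = RING_NAMES.get(action.ring, "?")
            return Decision(False, f"{rule.name} requires ring <= {rule.max_ring}, "
                                   f"agent is in ring {action.ring} ({ring})", rule.name)

    return Decision(False, "no matching allow rule (default deny)")


if __name__ == "__main__":
    for a in [AgentAction("a1", 2, "fs.read", {"path": "/data/report.csv"}),
              AgentAction("a1", 2, "fs.read", {"path": "/home/u/.ssh/id_ed25519"}),
              AgentAction("a1", 3, "fs.read", {"path": "/data/report.csv"}),
              AgentAction("a1", 0, "shell.exec", {"cmd": "ls"}),
              AgentAction("a1", 0, "db.drop")]:
        print(a.tool, a.args, "->", evaluate(a))
```

The two-pass order matters: evaluating denies before allows means a later, broader allow rule can never override an earlier deny, and the default-deny fallthrough means an unknown tool name is never granted by accident. A real engine would load the rules from YAML, Rego or Cedar and attach a verified identity to each action; this example takes the ring as an already-authenticated input.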
Why does it matter?
As AI agents gain autonomy and access to real-world systems, security becomes critical. This is the first comprehensive toolkit addressing all OWASP Agentic Top 10 risks (prompt injection, excessive agency, improper output handling, etc.) with production-grade performance. The MCP Security Scanner specifically detects tool poisoning and typosquatting attacks.
Who is it for?
Teams deploying AI agents in production who need security, compliance, and observability.
Try it
pip install agent-governance-toolkit[full]
Key numbers
- GitHub stars: 1k+
- Policy latency: 0.012ms
- Throughput: 35,481 ops/sec
- OWASP coverage: 10/10 risks