[Contrib] Agent-OS Governance Extension: Kernel-Level Policy Enforcement

[imran-siddique]

Summary

Adds kernel-level governance for AutoGen multi-agent conversations using Agent-OS.

Why This Matters

AutoGen enables powerful multi-agent conversations, but lacks built-in policy enforcement. This extension provides:

• Content Filtering: Block dangerous patterns (SQL injection, shell commands)
• Tool Control: Limit which tools agents can use
• Rate Limiting: Cap messages and tool calls per session
• Audit Trail: Full logging for compliance and debugging

Changes

• Added \python/packages/autogen-ext/src/autogen_ext/governance/\
  • _governance.py\ - GovernedAgent, GovernedTeam, GovernancePolicy classes
  • _init_.py\ - Public exports
  • \README.md\ - Documentation and examples

Example Usage

\\python
from autogen_ext.governance import GovernedTeam, GovernancePolicy
from autogen_agentchat.agents import AssistantAgent

Define policy

policy = GovernancePolicy(
max_tool_calls=10,
blocked_patterns=["DROP TABLE", "rm -rf"],
blocked_tools=["shell_execute"],
)

Create governed team

team = GovernedTeam(
agents=[analyst, reviewer],
policy=policy,
)

Run with governance

result = await team.run("Analyze Q4 sales")
audit = team.get_audit_log()
\\

Value for AutoGen Users

Feature	Without Extension	With Agent-OS
Content Filtering	Manual	Automatic
Tool Limits	None	Configurable
Audit Trail	DIY	Built-in
Policy Violations	Runtime errors	Controlled handling

Integration Path

This extension works standalone, but can also integrate with the full Agent-OS kernel for:

• GDPR/HIPAA compliance policies
• Cost control limits
• Human-in-the-loop approval flows
• Cross-framework governance

References

• Agent-OS: https://github.com/imran-siddique/agent-os
• Similar integration in Agent-Lightning: [Contrib] Agent-OS Integration: Kernel-Level Safety for RL Training agent-lightning#478

[codecov]

Codecov Report

❌ Patch coverage is 0% with 162 lines in your changes missing coverage. Please review.
✅ Project coverage is 80.47%. Comparing base (13e144e) to head (c338201).

Files with missing lines	Patch %	Lines
...ogen-ext/src/autogen_ext/governance/_governance.py	0.00%	160 Missing ⚠️
...autogen-ext/src/autogen_ext/governance/__init__.py	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7212      +/-   ##
==========================================
- Coverage   81.22%   80.47%   -0.76%     
==========================================
  Files         244      246       +2     
  Lines       18512    18674     +162     
==========================================
- Hits        15036    15027       -9     
- Misses       3476     3647     +171     

Flag	Coverage Δ
unittests	80.47% <0.00%> (-0.76%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[imran-siddique]

Ready for Final Review 🙏

This PR has been open for a while. The AgentMesh trust layer integration is complete and tested.

Could a maintainer please provide a final review? Happy to address any remaining concerns.

Thank you!