Skip to content

[Contrib] Agent-OS Governance Extension: Kernel-Level Policy Enforcement #7212

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
imran-siddique wants to merge 1 commit into
base: main
Choose a base branch
from
+511 −0
Open

[Contrib] Agent-OS Governance Extension: Kernel-Level Policy Enforcement #7212

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
123 changes: 123 additions & 0 deletions python/packages/autogen-ext/src/autogen_ext/governance/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
# Agent-OS Governance Extension for AutoGen

This extension provides kernel-level governance for AutoGen multi-agent conversations using [Agent-OS](https://github.com/imran-siddique/agent-os).

## Features

- **Policy Enforcement**: Define rules for agent behavior
- **Tool Filtering**: Control which tools agents can use
- **Content Filtering**: Block dangerous patterns (SQL injection, shell commands)
- **Rate Limiting**: Limit messages and tool calls
- **Audit Trail**: Full logging of all agent interactions

## Installation

```bash
pip install autogen-ext[governance]
# or
pip install agent-os-kernel
```

## Quick Start

```python
from autogen_ext.governance import GovernedTeam, GovernancePolicy
from autogen_agentchat.agents import AssistantAgent
from autogen_ext.models.openai import OpenAIChatCompletionClient

# Create policy
policy = GovernancePolicy(
max_tool_calls=10,
max_messages=50,
blocked_patterns=["DROP TABLE", "rm -rf", "DELETE FROM"],
blocked_tools=["shell_execute"],
require_human_approval=False,
)

# Create agents
model = OpenAIChatCompletionClient(model="gpt-4o")
analyst = AssistantAgent("analyst", model_client=model)
reviewer = AssistantAgent("reviewer", model_client=model)

# Create governed team
team = GovernedTeam(
agents=[analyst, reviewer],
policy=policy,
)

# Run with governance
result = await team.run("Analyze Q4 sales data")

# Get audit log
audit = team.get_audit_log()
print(f"Total events: {len(audit)}")
```

## Policy Options

```python
GovernancePolicy(
# Limits
max_messages=100, # Max messages per session
max_tool_calls=50, # Max tool invocations
timeout_seconds=300, # Session timeout

# Tool Control
allowed_tools=["code_executor", "web_search"], # Whitelist
blocked_tools=["shell_execute"], # Blacklist

# Content Filtering
blocked_patterns=["DROP TABLE", "rm -rf"],
max_message_length=50000,

# Approval
require_human_approval=False,
approval_tools=["database_write"], # Tools needing approval

# Audit
log_all_messages=True,
)
```

## Handling Violations

```python
def on_violation(error):
print(f"BLOCKED: {error.policy_name} - {error.description}")
# Send alert, log to SIEM, etc.

team = GovernedTeam(
agents=[agent1, agent2],
policy=policy,
on_violation=on_violation,
)
```

## Integration with Agent-OS Kernel

For full kernel-level governance with signals, checkpoints, and policy languages:

```python
from agent_os import KernelSpace
from agent_os.policies import SQLPolicy, CostControlPolicy

# Create kernel with policies
kernel = KernelSpace(policy=[
SQLPolicy(allow=["SELECT"], deny=["DROP", "DELETE"]),
CostControlPolicy(max_cost_usd=100),
])

# Wrap AutoGen team in kernel
@kernel.register
async def run_team(task: str):
return await team.run(task)

# Execute with full governance
result = await kernel.execute(run_team, "Analyze data")
```

## Links

- [Agent-OS GitHub](https://github.com/imran-siddique/agent-os)
- [AutoGen Documentation](https://microsoft.github.io/autogen/)
- [Governance Best Practices](https://github.com/imran-siddique/agent-os/blob/main/docs/governance.md)
47 changes: 47 additions & 0 deletions python/packages/autogen-ext/src/autogen_ext/governance/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
# Copyright (c) Microsoft. All rights reserved.

"""
Agent-OS Governance Extension for AutoGen
==========================================

Provides kernel-level governance for AutoGen multi-agent conversations.

Features:
- Policy enforcement for agent messages
- Tool call filtering and limits
- Content pattern blocking
- Human approval workflows
- Full audit trail

Example:
>>> from autogen_ext.governance import GovernedTeam, GovernancePolicy
>>> from autogen_agentchat.agents import AssistantAgent
>>>
>>> policy = GovernancePolicy(
... max_tool_calls=10,
... blocked_patterns=["DROP TABLE", "rm -rf"],
... require_human_approval=False,
... )
>>>
>>> team = GovernedTeam(
... agents=[agent1, agent2],
... policy=policy,
... )
>>> result = await team.run("Analyze this data")
"""

from ._governance import (
GovernancePolicy,
GovernedAgent,
GovernedTeam,
PolicyViolationError,
ExecutionContext,
)

__all__ = [
"GovernancePolicy",
"GovernedAgent",
"GovernedTeam",
"PolicyViolationError",
"ExecutionContext",
]
Loading
Loading