Microsoft Open-Sources Agent Governance Toolkit for Autonomous AI Security
Microsoft has released the Agent Governance Toolkit, an open-source project under an MIT license that applies operating-system-style security patterns to autonomous AI agents. The toolkit is the first to address all 10 risk categories in the OWASP Top 10 for Agentic Applications, published in December 2025.
Seven Packages, Five Languages
The toolkit ships as a monorepo with seven independently installable packages available in Python, TypeScript, Rust, Go, and .NET. At its core, Agent OS functions as a stateless policy engine intercepting every agent action before execution, with p99 latency under 0.1 milliseconds. Agent Mesh handles cryptographic identity via decentralized identifiers and Ed25519 signing, while Agent Runtime introduces CPU-style execution rings with a kill switch for emergency termination.
Supporting modules cover SRE practices (circuit breakers, SLOs, chaos engineering), compliance automation mapped to the EU AI Act and HIPAA, a plugin marketplace with signed manifests, and governed reinforcement learning training workflows.
Framework-Agnostic by Design
Rather than replacing existing agent frameworks, the toolkit hooks into their native extension points. Integrations with LangChain, CrewAI, Google ADK, OpenAI Agents SDK, LlamaIndex, Haystack, LangGraph, and PydanticAI are already shipped, with several published on PyPI. Dify carries the governance plugin in its marketplace.
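The two architectural ideas above, a stateless policy engine that sits in front of every agent action and a hook that wraps a framework's native tool callable so the check runs before execution, are easy to see in a small sketch. The following is an added example written for this page; it is not the Agent Governance Toolkit's own API, and every name in it (`PolicyEngine`, `KillSwitch`, `govern`, the rule helpers, the sample tools and hosts) is assumed for illustration. It shows deny-by-default tool allow-listing, per-tool argument constraints, and an emergency kill switch evaluated ahead of every rule.

```python
"""Illustrative pre-execution policy interception for agent tool calls.

Added example, not code from the Agent Governance Toolkit. All names and
rules here are hypothetical; sample tool names, hosts and limits are constructed.
"""
from dataclasses import dataclass
from typing import Any, Callable, Iterable, Optional
from urllib.parse import urlparse


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


class PolicyViolation(Exception):
    """Raised by the governed wrapper when the engine denies an action."""


class KillSwitch:
    """Emergency stop: once tripped, every subsequent action is denied."""

    def __init__(self) -> None:
        self.tripped = False

    def trip(self) -> None:
        self.tripped = True


# A rule is a pure function of (tool name, call arguments). It returns a
# Decision when it has an opinion and None when it does not apply.
Rule = Callable[[str, dict], Optional[Decision]]


def allow_list(tools: Iterable[str]) -> Rule:
    """Deny-by-default: anything not explicitly listed is refused."""
    permitted = frozenset(tools)

    def rule(tool: str, kwargs: dict) -> Optional[Decision]:
        if tool not in permitted:
            return Decision(False, f"tool '{tool}' is not on the allow-list")
        return None
    return rule


def restrict_hosts(tool: str, hosts: Iterable[str]) -> Rule:
    """Constrain a URL-taking tool to a fixed set of hostnames."""
    permitted = frozenset(hosts)

    def rule(name: str, kwargs: dict) -> Optional[Decision]:
        if name != tool:
            return None
        host = urlparse(str(kwargs.get("url", ""))).hostname
        if host not in permitted:
            return Decision(False, f"{tool}: host {host!r} is not permitted")
        return None
    return rule


def cap_amount(tool: str, field: str, limit: float) -> Rule:
    """Bound a numeric argument; non-numeric values are rejected, not coerced."""
    def rule(name: str, kwargs: dict) -> Optional[Decision]:
        if name != tool:
            return None
        amount = kwargs.get(field)
        if isinstance(amount, bool) or not isinstance(amount, (int, float)):
            return Decision(False, f"{tool}: {field} must be numeric, got {amount!r}")
        if amount < 0 or amount > limit:
            return Decision(False, f"{tool}: {field}={amount} outside [0, {limit}]")
        return None
    return rule


class PolicyEngine:
    """Stateless: a verdict depends only on the call and the fixed rule list."""

    def __init__(self, rules: Iterable[Rule], kill_switch: KillSwitch) -> None:
        self.rules = list(rules)
        self.kill_switch = kill_switch

    def evaluate(self, tool: str, kwargs: dict) -> Decision:
        if self.kill_switch.tripped:
            return Decision(False, "kill switch engaged")
        for rule in self.rules:
            verdict = rule(tool, kwargs)
            if verdict is not None:  # first rule with an opinion decides
                return verdict
        return Decision(True, "all rules passed")


def govern(engine: PolicyEngine, tool_name: str, fn: Callable[..., Any]) -> Callable[..., Any]:
    """Wrap a framework's tool callable so the policy runs before every execution."""
    def wrapped(**kwargs: Any) -> Any:
        decision = engine.evaluate(tool_name, kwargs)
        if not decision.allowed:
            raise PolicyViolation(decision.reason)
        return fn(**kwargs)
    return wrapped


def build_demo_engine(kill_switch: KillSwitch) -> PolicyEngine:
    """Constructed sample policy: two tools allowed, each with its own constraint."""
    return PolicyEngine(
        [
            allow_list({"http_get", "transfer"}),
            restrict_hosts("http_get", {"api.example.com"}),
            cap_amount("transfer", "amount", 1000),
        ],
        kill_switch,
    )


if __name__ == "__main__":
    ks = KillSwitch()
    engine = build_demo_engine(ks)
    transfer = govern(engine, "transfer", lambda amount: f"sent {amount}")
    print(transfer(amount=250))
    for call in ({"amount": 5000}, {"amount": "250"}):
        try:
            transfer(**call)
        except PolicyViolation as exc:
            print("denied:", exc)
```

Rules run in order and the first one with an opinion wins, so the allow-list is placed first to make unknown tools fail closed; per-tool constraints then only narrow what the allow-list already admitted. The kill switch is consulted before any rule so that an operator can halt every governed action without editing policy.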
Why It Matters
As AI agents increasingly book travel, execute trades, and manage infrastructure autonomously, the gap between how easily they can be deployed and how well they are governed has widened. With the EU AI Act's high-risk obligations taking effect in August 2026, the timing is deliberate. Microsoft has stated plans to move the project into a foundation for community governance.