- Home
- Skills
- Github
- Awesome Copilot
- Agent Governance
agent-governance_skill
- JavaScript
- Official
22.8k
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
3 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill github/awesome-copilot --skill agent-governance- SKILL.md18.1 KB
Overview
This skill captures patterns and techniques for adding governance, safety, and trust controls to AI agent systems. It describes composable policies, intent classification, tool-level enforcement, trust scoring, and append-only audit trails to keep agents accountable and safe. Use the patterns with any agent framework to limit capabilities, detect dangerous prompts, and maintain compliance.
How this skill works
The skill inspects agent inputs and tool invocations through a layered pipeline: intent classification runs first to flag risky prompts, then policy checks (allowlist/blocklist, content filters, rate limits, and approval gates) decide whether to allow, review, or deny actions. Tool calls are wrapped with decorators that enforce policy and record audit entries. Trust scores track agent reliability over time and can gate sensitive operations.
When to use it
- When agents call external tools (APIs, databases, shell commands) and need constrained access
- For multi-agent workflows where delegation requires trust boundaries and selection
- In production deployments with compliance, auditing, or safety requirements
- When preventing data exfiltration, privilege escalation, or prompt injection
- To enforce rate limits, content filters, or require human approval for risky actions
Best practices
- Model policies as serializable configuration (YAML/JSON) and compose them from broad to specific with most-restrictive-wins semantics
- Run semantic intent classification before any tool execution to block or flag dangerous prompts early
- Wrap every external tool with a governance decorator that enforces policy and appends audit events
- Use decay-based trust scores to adjust autonomy over time and gate sensitive operations by threshold
- Keep an append-only audit trail (JSONL) for denied actions and human review, and export logs to aggregation systems
Example use cases
- Govern a support bot that can search docs and create tickets but cannot access customer SSNs
- Block prompt-injection attempts before they trigger dangerous tool calls like shell_exec
- Maintain trust scores for multiple worker agents and choose the most trusted delegate for a task
- Enforce per-request rate limits and content pattern checks on document retrieval tools
- Produce auditable JSONL logs for compliance reviews and security investigations
FAQ
Compose policies with most-restrictive-wins: merge blocklists and patterns, intersect allowed tool lists, and take the minimum rate limit.
When should intent classification run?
Always run intent classification as a pre-flight check before policy evaluation and any tool execution to catch malicious prompts early.