v0.1.1 Draft

Open Agent Governance Specification

An open specification for identity, policy, enforcement, audit, and verification of autonomous AI agents.

Core Primitives

Five pillars of agent governance

OAGS defines five composable primitives that work together to make AI agent behavior auditable, predictable, and verifiable.

Deterministic Identity

Content-addressable agent IDs via BLAKE3 hash of model, prompt, and tools. Same configuration always produces the same identity.

Policy Declaration

Declarative constraints on network access, filesystem, tools, models, APIs, and rate limits defined in sekuire.yml.

Runtime Enforcement

Policies enforced at execution time with allow, deny, and warn decisions. Not just documentation - actual runtime checks.

Audit Trail

Structured, tamper-evident event logging with optional Ed25519 signing. Every policy decision is recorded.

Cryptographic Verification

Multi-stage security scoring with compliance framework support. Verify agent behavior against declared policy.

How It Works

Three steps to governed agents

Define

sekuire.yml

Declare your agent’s identity, permitted tools, network access, and runtime constraints in a single configuration file.

Enforce

Runtime Checks

The SDK enforces declared policies at execution time. Every tool call, network request, and API access is checked against policy.

Verify

Audit + Signatures

Generate tamper-evident audit trails with Ed25519 signatures. Third parties can independently verify agent compliance.

Conformance

Three levels of compliance

Implementations can conform at different levels, allowing incremental adoption.

Identity + Policy

Agent computes SekuireID from BLAKE3 hash
Declares policy in sekuire.yml
Policy schema validates correctly

Runtime Enforcement

Everything in Level 1
Runtime enforcement of declared policies
PolicyDecision events for every action
Deny/warn on policy violations

Verifiable Audit Trail

Everything in Level 2
Ed25519 signed audit events
Third-party verification support
Compliance framework scoring

Example

sekuire.yml

A single file defines your agent's identity, policies, and audit configuration.

sekuire.yml

agent:
  name: "my-agent"
  version: "1.0.0"
  model: "claude-sonnet-4-20250514"

identity:
  signing_key_path: "./keys/agent.ed25519"

policy:
  network:
    allowed_domains:
      - "api.openai.com"
      - "api.anthropic.com"
    deny_all_other: true

  tools:
    allowed:
      - "web_search"
      - "file_read"
    require_confirmation:
      - "file_write"
      - "shell_execute"

  rate_limits:
    max_requests_per_minute: 60
    max_tokens_per_hour: 100000

  audit:
    level: "full"
    sign_events: true

Implementations

Get started with any language

Official SDKs and tools that implement the OAGS specification. TypeScript and CLI are available now. Python and Rust are coming soon.

TypeScript SDK

Available

Multi-provider LLM support, local policy enforcement, structured audit logging.

npm install @sekuire/sdk

Python SDK

Coming Soon

Reference Python implementation is in progress and will be released soon.

Installation command will be published at launch.

Rust SDK

Coming Soon

Reference Rust implementation is in progress and will be released soon.

Installation command will be published at launch.

CLI

Available

Init projects, generate Ed25519 keys, compute identity hashes, publish and verify agents.

cargo install sekuire-agent-cli

Community

Built in the open

OAGS is an open specification. Contributions, feedback, and implementations are welcome.

Report a Bug

Found an issue in the spec or an SDK? Open a bug report on GitHub.

Propose a Change

Have an idea for the specification? Open an RFC to start a discussion.

Open an Issue

General questions, feedback, or anything else - create a new issue.

Contributing Guide

Learn how to propose changes, submit RFCs, and contribute to the specification.

Code of Conduct

We are committed to providing a welcoming and inclusive environment for everyone.

Browse Issues

See existing discussions, bugs, and feature requests on GitHub.