You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jun 23, 2026. It is now read-only.
Runtime safety primitives for AI agent systems. Zero third-party dependencies.
4
10
5
-
```
11
+
```bash
6
12
pip install -e ".[test]"
7
13
python -m pytest -v
8
14
```
@@ -42,19 +48,21 @@ Five production-grade governance primitives for AI agent systems, extracted from
42
48
|`governance_bus.py`| Append-only JSONL audit log with SHA256 content hashing, thread-safe writes, and query by agent/type/time |~80 |
43
49
|`agent_runner.py`| Execution harness wiring all four primitives into a single `execute()` call with full audit trail |~60 |
44
50
45
-
## Why This Matters
51
+
## OWASP Coverage
46
52
47
-
These primitives address 7 of 10 risks in the [OWASP Top 10 for Agentic Applications](https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/):
53
+
These five primitives address 7 of 10 risks in the [OWASP Top 10 for Agentic Applications](https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/):
|**ASI10** Rogue Agents |[agent_runner.py](src/agent_governance/agent_runner.py)| Token verification before every execution; audit trail on every action |
64
+
65
+
**Need 10/10?** The production library [`hummbl-governance`](https://github.com/hummbl-dev/hummbl-governance) covers all 10 risks with 20 primitives, 583 tests, and the same zero-dependency guarantee. See the [full OWASP mapping](https://hummbl.io/owasp.html).
58
66
59
67
## Test Suite
60
68
@@ -63,19 +71,21 @@ $ python -m pytest -v
63
71
64
72
tests/test_kill_switch.py 15 tests
65
73
tests/test_circuit_breaker.py 14 tests
66
-
tests/test_delegation_token.py 15 tests
67
-
tests/test_governance_bus.py 10 tests
74
+
tests/test_delegation_token.py 11 tests
75
+
tests/test_governance_bus.py 8 tests
68
76
tests/test_integration.py 10 tests
69
77
--------
70
-
64 tests, 0 dependencies
78
+
58 tests, 0 dependencies
71
79
```
72
80
73
81
The integration test tells a complete story: agent starts, executes tasks successfully, encounters failures, circuit breaker trips, kill switch engages, governance bus records every event.
74
82
75
83
## Background
76
84
77
-
Built by [Reuben Bowlby](https://github.com/rpbowlby) as part of [HUMMBL](https://hummbl.io)'s AI governance platform. The production version (`pip install hummbl-governance`) has 476 tests across 20 modules. This repo is a clean-room demonstration of the core patterns.
85
+
Built by [Reuben Bowlby](https://github.com/hummbl-dev) as part of [HUMMBL](https://hummbl.io)'s AI governance platform. The production version ([`pip install hummbl-governance`](https://pypi.org/project/hummbl-governance/)) has 583 tests across 20 modules. This repo is a clean-room demonstration of the core patterns.
86
+
87
+
For the formal governance primitive underlying these mitigations, see [The Governance Tuple](https://doi.org/10.5281/zenodo.19646940) (Bowlby, 2026).
0 commit comments