Authorized Governance Execution Context for AI agents
Project description
AGEC
Pre-execution governance layer for AI agents.
Every AI agent action should be authorized before execution. AGEC validates intent, semantic context, execution path, and data processing permissions before any tool call is executed. It provides deterministic authorization, replayable decisions, and auditability for autonomous AI agents.
Installation
pip install agec
Quick Start
from agec import guard, AGECBlockedError
@guard(
intent="send_email",
purpose="customer_support",
allowed_tools=["gmail.send"],
legal_basis="consent",
)
def send_email() -> str:
return "Email sent."
@guard(
intent="transfer_money",
purpose="unknown",
allowed_tools=["bank.transfer"],
intent_confidence=0.48, # below the 0.7 threshold
)
def unsafe_transfer() -> str:
return "Transferred $1M."
print(send_email()) # → Email sent.
try:
unsafe_transfer()
except AGECBlockedError as exc:
print("AGEC BLOCKED EXECUTION")
print(f"Reason: {exc.reason}")
print(f"Audit ID: {exc.agec.agec_id}")
If validation fails, execution is blocked before the wrapped function runs.
Why AGEC?
Traditional authorization systems answer:
Can this identity access this resource?
AGEC answers a different question:
Should this exact action execute right now?
AGEC introduces a mandatory governance layer between agent planning and tool execution — combining intent validation, policy enforcement, and tamper-evident audit logging in a single decorator.
What AGEC Validates
| Check | What it enforces |
|---|---|
| Intent | Declared intent must be in the policy allowlist |
| Confidence | Intent confidence must meet the minimum threshold |
| Execution path | Every tool step must be explicitly permitted |
| Purpose | Data processing purpose must be allowed |
| Legal basis | GDPR-aligned legal basis must be declared and allowed |
| Data categories | Blocked data categories are rejected before execution |
| Expiry (TTL) | Stale contexts are cancelled automatically |
Architecture
User
│
AI Agent (planning)
│
AGEC ◄─── Policy + Validator
│ │
│ AuditLog ──► audit.jsonl (optional)
│
Tool Execution
Lower-Level API
from agec import AGEC, Intent, ExecutionPath, DataPermissions, Policy, AGECValidator
policy = Policy(
allowed_intents=["send_email"],
allowed_tools=["gmail.send"],
allowed_purposes=["customer_support"],
allowed_legal_bases=["consent", "contract"],
)
agec = AGEC(
intent=Intent(type="send_email", confidence=0.95),
context={"user_id": "123"},
execution_path=ExecutionPath(path_id="email_path", steps=["gmail.send"]),
data_permissions=DataPermissions(
purpose="customer_support",
legal_basis="consent",
allowed_operations=["send"],
data_categories=["email"],
),
)
validator = AGECValidator(policy)
result = validator.validate(agec)
print(result.allowed) # True
print(result.reason) # AGEC validation passed.
print(agec.status) # AGECStatus.ACTIVE
Persisting the Audit Log
from agec import AuditLog
log = AuditLog()
# ... pass log to AGECValidator(policy, audit_log=log) ...
# Save all recorded events to disk
log.save_json("audit.jsonl")
# Reload later for replay or compliance review
restored = AuditLog.load_json("audit.jsonl")
Roadmap
- OpenAI Agents SDK adapter
- LangGraph adapter
- CrewAI adapter
- AutoGen adapter
- CLI demo runner
- Policy manifest (YAML/JSON) support
- Replayable audit log (JSON persistence)
- Deterministic execution path hashing
Contributing
See CONTRIBUTING.md.
Changelog
See CHANGELOG.md.
License
Apache-2.0
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file agec-0.1.0.tar.gz.
File metadata
- Download URL: agec-0.1.0.tar.gz
- Upload date:
- Size: 13.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d615895a36db38c47f82e2a44e2e963913fd7ab9e53492285bc105400bc194e6
|
|
| MD5 |
cad76dc7f185347afab1e4269a75b8fe
|
|
| BLAKE2b-256 |
cd88e7f5f17aff19223629677ccacf2113c89673fc32398f6b39482697ba3d05
|
File details
Details for the file agec-0.1.0-py3-none-any.whl.
File metadata
- Download URL: agec-0.1.0-py3-none-any.whl
- Upload date:
- Size: 11.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
95095bd1057928d62fa720527a5e16a16f9c3fe6ee59f0d7ed4bb45d159b0682
|
|
| MD5 |
be25b165205dcbc938ffcc08a7362324
|
|
| BLAKE2b-256 |
3167899753eec59d3e2ee7cf139908e2b66df4af11d6393b0cea102270e6fea1
|