AIGP Governance Server — agentic governance engine (scope envelopes, circuit breakers, delegation)
Project description
aigp-server — AIGP Governance Engine
Server-side governance engine for the AI Governance Protocol (AIGP). Evaluates agentic governance decisions: tool authorization, plan approval, delegation with scope narrowing, circuit breakers, and memory governance.
Install
pip install aigp-server
Usage
from aigp_server import (
GovernanceEngine, GovernanceStore, AigpRouter,
ScopeEnvelopeManager, CircuitBreakerService,
)
# 1. Implement the storage interface for your DB
class MyStore(GovernanceStore):
async def put_scope_envelope(self, envelope: dict) -> None: ...
async def get_active_scope(self, agent_id: str) -> dict | None: ...
# ... (see store.py for full interface)
# 2. Wire up the engine
store = MyStore()
scope_mgr = ScopeEnvelopeManager(store)
cb = CircuitBreakerService(store)
engine = GovernanceEngine(store, scope_mgr, cb, mode="ENFORCE")
# 3. Create the router (framework-agnostic)
router = AigpRouter(engine, hmac_secret="your-secret")
# 4. Handle requests — returns (status_code, response_dict)
status, response = await router.handle_tool_request(headers_dict, body_bytes)
status, response = await router.handle_plan_submit(headers_dict, body_bytes)
status, response = await router.handle_escalate(headers_dict, body_bytes)
status, response = await router.handle_delegate(headers_dict, body_bytes)
status, response = await router.handle_memory_write(headers_dict, body_bytes)
Architecture
aigp-server/
store.py — GovernanceStore ABC (implement for your DB)
governance_engine.py — Core decision engine (6 handlers)
scope_manager.py — Scope envelope lifecycle + SoD + templates
circuit_breaker.py — 3-state machine with cascading halt
routes.py — Framework-agnostic router (HMAC + dispatch)
hmac_auth.py — HMAC-SHA256 verify/sign utilities
Handlers
| Handler | RFC §15 | Decision |
|---|---|---|
handle_tool_request |
§15.6 | ALLOW / DENY (scope + budget + circuit breaker) |
handle_plan_submit |
§15.8 | APPROVED / APPROVED_WITH_MODIFICATIONS / REJECTED |
handle_step_complete |
— | Budget decrement + circuit breaker outcome |
handle_escalate |
§15.9 | Creates pending task for human review |
handle_delegate |
§15.10 | Scope narrowing (A ∩ B), depth limit (max 5) |
handle_memory_write |
§15.13 | Classification + retention + isolation check |
Modes
| Mode | Behavior |
|---|---|
REPORT |
Log denials but return ALLOW (shadow mode) |
REPORT-TRACE |
Same as REPORT + emit trace telemetry |
ENFORCE |
Deny violations (fail-closed) |
License
Proprietary — © 2025-2026 Evan Erwee. All rights reserved.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file aigp_server-0.1.0.tar.gz.
File metadata
- Download URL: aigp_server-0.1.0.tar.gz
- Upload date:
- Size: 8.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f2eb04c7f1c3b69e25c850bc0ee05132f63c2f0e1979e75dfa6a0ff54562ccdf
|
|
| MD5 |
8a88086bebf5b00194c198b64ff182d5
|
|
| BLAKE2b-256 |
c1744c44061da5c2d00cbcdba927089cc305a921010e085a6299a2b1a299727a
|
File details
Details for the file aigp_server-0.1.0-py3-none-any.whl.
File metadata
- Download URL: aigp_server-0.1.0-py3-none-any.whl
- Upload date:
- Size: 11.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
15e435e33abc780d76b5e8b09ae7bd92aa4b3daf9e422a7ff8e0465a647c34e9
|
|
| MD5 |
a7d6f3340964ffd7aad9cf3c111eb239
|
|
| BLAKE2b-256 |
cd88e109aa23c63589c683e74078e83038a508b2bbb5bdfb35d971c3207a2f62
|
