Runtime-agnostic governed agent execution — Community Edition
Project description
Sovereign AgentOps — Community Edition
Runtime-agnostic governed agent execution — demo and evaluation edition
What is this?
A standalone demonstration server for the governed MCP execution layer concept. It provides 7 MCP tools that showcase policy enforcement, Ed25519-signed execution receipts, workspace path jailing, and local model routing — with real cryptography, not simulations.
The full Enterprise platform (98 MCP tools, 455+ endpoints, 91+ web UI tabs, constitutional governance, service catalogue, compliance automation, fleet command, agent-owned assets, digital twin simulation, and autonomous incident resolution) is available under a commercial license.
Quickstart
# 1. Install dependencies
pip install cryptography>=41.0.0
# 2. Run the MCP governance server (JSON-RPC over stdio)
python3 tools/mcp_server.py
In another terminal, send it commands:
# List available tools
echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' | python3 tools/mcp_server.py
# Check if a command is allowed by policy
echo '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"demo_policy_check","arguments":{"command":"git push origin main","path":"/workspace/repo"}}}' | python3 tools/mcp_server.py
# Sign an execution receipt with real Ed25519
echo '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"demo_receipt_sign","arguments":{"action":"deploy","target":"web-app"}}}' | python3 tools/mcp_server.py
Docker
docker compose up --build
The server runs in stdio mode inside the container. Send commands via stdin:
echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' \
| docker exec -i agentops-demo python3 tools/mcp_server.py
Tools
| Tool | Description |
|---|---|
demo_policy_check |
Evaluate whether a command + path is allowed/blocked by policy |
demo_receipt_sign |
Create an Ed25519-signed execution receipt |
demo_receipt_verify |
Verify a receipt's Ed25519 signature |
demo_model_route |
Show which local LLM endpoint would handle a prompt |
demo_workspace_jail |
Check whether a path is confined within a workspace root |
demo_audit_log |
Return recent entries from the in-memory signed audit log |
demo_server_info |
Server metadata: version, public key, crypto backend |
Receipt Verification
Every signed receipt includes the server's Ed25519 public key. Use the included CLI tool to verify:
# The server prints its public key on startup (stderr) and in every signed receipt
python3 cli/receipt-verify.py --verify path/to/receipt.json
The server generates a fresh Ed25519 keypair on first run, stored at
~/.config/agentops/ed25519_private.key (permissions 0o400).
Why Sovereign AgentOps?
Teams adopting AI coding agents in regulated environments need to control what commands agents can run, audit every action with cryptographic proof, and operate entirely offline. This community edition demonstrates the concept with real crypto and real policy enforcement — the Enterprise platform delivers the full production stack.
Feature Comparison
| Feature | Community | Enterprise |
|---|---|---|
| Policy enforcement (allow/block/detect) | 7 demo tools | Full production stack |
| Ed25519-signed execution receipts | Yes | Yes |
| Receipt verification CLI | Yes | Yes |
| Workspace path jail | Demo | Full enforcement |
| Model routing heuristic | Demo | 15+ provider routing |
| Signed audit log | In-memory | SQLite hash-chain |
| MCP tools | 7 demo tools | 98 tools (93 static + 5 plugins) |
| Constitutional governance | No | 6-layer (Cortex, Policy, Autonomy, Memory, Federation) |
| Web UI | No | 91+ tabs (Flask + SocketIO) |
| PostgreSQL / Redis persistence | No | Yes |
| Agent orchestration | No | Capability registry, message bus, DAG |
| Service catalogue | No | Auto-discovery, health, SLA |
| Observability hub | No | LLM tracing, SLOs, cost analytics |
| Compliance automation (SOC2/HIPAA/PCI) | No | Weighted scoring, PDF reports, SoD |
| Fleet command | No | Multi-instance, heartbeat, treaty-gated |
| Agent-owned assets | No | Token/data/compute/artifact/credential |
| Digital twin simulator | No | What-if analysis, scenario sim |
| Autonomous incident resolution | No | ML diagnosis, auto-resolve, pattern learning |
| Self-negotiating treaties | No | 6 treaty types, dual-signed |
| SSO (SAML/OIDC) | No | Yes |
| RBAC custom roles | No | Yes |
| High-availability cluster | No | Yes |
| Commercial license | Apache 2.0 | Enterprise EULA |
Documentation
- Architecture Overview — governance layer design
- Security Model — defense-in-depth architecture
- Contributing Guide — how to contribute
- Changelog — release history
License
Community Edition is open source under Apache 2.0 with an Enterprise Edition exclusion clause. See LICENSE.community for details.
Enterprise Edition features require a commercial license from FinBridge.
Built on the MCP protocol. Governance, not lock-in.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sovereign_agentops_community-2.1.5.tar.gz.
File metadata
- Download URL: sovereign_agentops_community-2.1.5.tar.gz
- Upload date:
- Size: 16.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
055bd4f062fe051a7b70ea96c44050a179910a35dd9d4405bf89fd6fa0efd6b1
|
|
| MD5 |
650025046df5b4012e540da28d9b5b20
|
|
| BLAKE2b-256 |
0028eeffd658a3ed3d1ffb2b964a8dd6a256425c541e37bddad4b17f865afeb5
|
File details
Details for the file sovereign_agentops_community-2.1.5-py3-none-any.whl.
File metadata
- Download URL: sovereign_agentops_community-2.1.5-py3-none-any.whl
- Upload date:
- Size: 14.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
86046055ae1c691d303535c072a11a3ad05993bb558c0843b9ab085442a8358d
|
|
| MD5 |
f040a5b274a4d60dd3380cd6668618c8
|
|
| BLAKE2b-256 |
f7ba30a760fe2abcec1ff4b49e9db6c65946292e58283ca6da93d795706d3450
|