Skip to main content

Runtime-agnostic governed agent execution — Community Edition

Project description

Sovereign AgentOps — Community Edition

Runtime-agnostic governed agent execution — demo and evaluation edition

License Version Build

What is this?

A standalone demonstration server for the governed MCP execution layer concept. It provides 7 MCP tools that showcase policy enforcement, Ed25519-signed execution receipts, workspace path jailing, and local model routing — with real cryptography, not simulations.

The full Enterprise platform (98 MCP tools, 455+ endpoints, 91+ web UI tabs, constitutional governance, service catalogue, compliance automation, fleet command, agent-owned assets, digital twin simulation, and autonomous incident resolution) is available under a commercial license.

Quickstart

# 1. Install dependencies
pip install cryptography>=41.0.0

# 2. Run the MCP governance server (JSON-RPC over stdio)
python3 tools/mcp_server.py

In another terminal, send it commands:

# List available tools
echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' | python3 tools/mcp_server.py

# Check if a command is allowed by policy
echo '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"demo_policy_check","arguments":{"command":"git push origin main","path":"/workspace/repo"}}}' | python3 tools/mcp_server.py

# Sign an execution receipt with real Ed25519
echo '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"demo_receipt_sign","arguments":{"action":"deploy","target":"web-app"}}}' | python3 tools/mcp_server.py

Docker

docker compose up --build

The server runs in stdio mode inside the container. Send commands via stdin:

echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' \
  | docker exec -i agentops-demo python3 tools/mcp_server.py

Tools

Tool Description
demo_policy_check Evaluate whether a command + path is allowed/blocked by policy
demo_receipt_sign Create an Ed25519-signed execution receipt
demo_receipt_verify Verify a receipt's Ed25519 signature
demo_model_route Show which local LLM endpoint would handle a prompt
demo_workspace_jail Check whether a path is confined within a workspace root
demo_audit_log Return recent entries from the in-memory signed audit log
demo_server_info Server metadata: version, public key, crypto backend

Receipt Verification

Every signed receipt includes the server's Ed25519 public key. Use the included CLI tool to verify:

# The server prints its public key on startup (stderr) and in every signed receipt
python3 cli/receipt-verify.py --verify path/to/receipt.json

The server generates a fresh Ed25519 keypair on first run, stored at ~/.config/agentops/ed25519_private.key (permissions 0o400).

Why Sovereign AgentOps?

Teams adopting AI coding agents in regulated environments need to control what commands agents can run, audit every action with cryptographic proof, and operate entirely offline. This community edition demonstrates the concept with real crypto and real policy enforcement — the Enterprise platform delivers the full production stack.

Feature Comparison

Feature Community Enterprise
Policy enforcement (allow/block/detect) 7 demo tools Full production stack
Ed25519-signed execution receipts Yes Yes
Receipt verification CLI Yes Yes
Workspace path jail Demo Full enforcement
Model routing heuristic Demo 15+ provider routing
Signed audit log In-memory SQLite hash-chain
MCP tools 7 demo tools 98 tools (93 static + 5 plugins)
Constitutional governance No 6-layer (Cortex, Policy, Autonomy, Memory, Federation)
Web UI No 91+ tabs (Flask + SocketIO)
PostgreSQL / Redis persistence No Yes
Agent orchestration No Capability registry, message bus, DAG
Service catalogue No Auto-discovery, health, SLA
Observability hub No LLM tracing, SLOs, cost analytics
Compliance automation (SOC2/HIPAA/PCI) No Weighted scoring, PDF reports, SoD
Fleet command No Multi-instance, heartbeat, treaty-gated
Agent-owned assets No Token/data/compute/artifact/credential
Digital twin simulator No What-if analysis, scenario sim
Autonomous incident resolution No ML diagnosis, auto-resolve, pattern learning
Self-negotiating treaties No 6 treaty types, dual-signed
SSO (SAML/OIDC) No Yes
RBAC custom roles No Yes
High-availability cluster No Yes
Commercial license Apache 2.0 Enterprise EULA

Documentation

License

Community Edition is open source under Apache 2.0 with an Enterprise Edition exclusion clause. See LICENSE.community for details.

Enterprise Edition features require a commercial license from FinBridge.


Built on the MCP protocol. Governance, not lock-in.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sovereign_agentops_community-2.1.5.tar.gz (16.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sovereign_agentops_community-2.1.5-py3-none-any.whl (14.1 kB view details)

Uploaded Python 3

File details

Details for the file sovereign_agentops_community-2.1.5.tar.gz.

File metadata

File hashes

Hashes for sovereign_agentops_community-2.1.5.tar.gz
Algorithm Hash digest
SHA256 055bd4f062fe051a7b70ea96c44050a179910a35dd9d4405bf89fd6fa0efd6b1
MD5 650025046df5b4012e540da28d9b5b20
BLAKE2b-256 0028eeffd658a3ed3d1ffb2b964a8dd6a256425c541e37bddad4b17f865afeb5

See more details on using hashes here.

File details

Details for the file sovereign_agentops_community-2.1.5-py3-none-any.whl.

File metadata

File hashes

Hashes for sovereign_agentops_community-2.1.5-py3-none-any.whl
Algorithm Hash digest
SHA256 86046055ae1c691d303535c072a11a3ad05993bb558c0843b9ab085442a8358d
MD5 f040a5b274a4d60dd3380cd6668618c8
BLAKE2b-256 f7ba30a760fe2abcec1ff4b49e9db6c65946292e58283ca6da93d795706d3450

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page