Collaboration: Governance controls mapping for Agent Spec #125
Description
We consolidated our agent governance work into microsoft/agent-governance-toolkit and wanted to continue the conversation about governance controls in the Agent Spec context.
Background: Our toolkit implements runtime governance primitives - policy enforcement, capability sandboxing, audit trails, trust verification - covering 9/10 OWASP Agentic Top 10 risks. We've been thinking about how these map to specification-level controls.
Where we see potential alignment:
-
Capability declarations in agent specs - Our ring-based permission model (Ring 0-3) defines what an agent can access. This could inform a standard way to declare agent capabilities and restrictions in a spec.
-
Trust and identity requirements - Our inter-agent trust protocol uses DID-based identity. Agent Spec could define how agents declare trust requirements for collaboration.
-
Governance policy references - Specs could reference governance policies that agents must comply with, similar to how API specs reference auth schemes.
We noticed Agent Spec already considers controls at the component level - we'd love to understand your thinking on where runtime governance fits vs. specification-time declarations. A few questions:
- Does Agent Spec have a concept of required capabilities or permission boundaries?
- Is there a pattern for referencing external policy/compliance requirements?
- Would governance metadata belong in the spec itself or in a companion artifact?
Happy to contribute a section on governance controls if that would be useful.