AAGATE: Agentic AI Governance Assurance & Trust Engine (Forked from https://github.com/kenhuangus/AAGATE)

AAGATE: Agentic AI Governance Assurance & Trust Engine

AAGATE is a project under the OWASP Artificial Intelligence Vulnerability Scoring System (AIVSS), dedicated to providing a robust framework for the governance, assurance, and security of Agentic AI systems.

Abstract

The proliferation of sophisticated AI agents and Large Language Models (LLMs) introduces novel security and governance challenges. Traditional security paradigms are often insufficient to address the unique vulnerabilities inherent in agentic systems, such as complex attack surfaces, unpredictable behavior, and the potential for emergent, unintended capabilities. AAGATE (Agentic AI Governance Assurance & Trust Engine) presents a comprehensive, open-source solution designed to provide continuous monitoring, policy enforcement, and risk management for these advanced AI systems. By integrating real-time anomaly detection, behavioral policy enforcement, and configuration drift analysis, AAGATE offers a centralized platform for security teams to ensure that AI agents operate safely, ethically, and in alignment with organizational policies and standards like the NIST AI Risk Management Framework.

Architecture

This project is built on a modern, scalable web stack, designed for performance and maintainability.

  • Frontend: Built with Next.js and React using the App Router. Components are crafted with ShadCN UI and styled using Tailwind CSS. The frontend leverages Server Components for performance and Server Actions for data mutations, providing a seamless user experience.
  • AI/Backend: AI capabilities are powered by Google's Genkit, which orchestrates interactions with generative models like Gemini. Genkit flows are defined in the src/ai/flows/ directory and are exposed to the frontend via Next.js Server Actions.
  • Data: The current version uses mock data located in src/lib/mock-data.ts to simulate a real-world environment with multiple AI agents and policies.

Technology Stack

Core Technologies

  • Frontend Framework: Next.js 15.3.3 with App Router
  • UI Framework: React 18.3.1
  • Language: TypeScript 5
  • AI Engine: Google Genkit 1.14.1
  • AI Model: Gemini 2.0 Flash

UI & Styling

  • Component Library: ShadCN UI
  • Styling: Tailwind CSS 3.4.1
  • UI Primitives: Radix UI
  • Icons: Lucide React

Data & Forms

  • Validation: Zod 3.24.2
  • Form Management: React Hook Form 7.54.2
  • Charts: Recharts 2.15.1

Development Tools

  • Package Manager: npm
  • Build Tool: Turbopack (Next.js)
  • Linting: ESLint (Next.js config)
  • Type Checking: TypeScript compiler

Features

AAGATE provides a suite of tools to monitor and govern your AI agents. The dashboard is organized into several key sections:

1. Overview

The main dashboard provides a high-level summary of all registered AI agents. You can quickly see each agent's status (Online, Offline, Warning), its current risk score, and a platform-wide risk trend chart that averages the risk scores across all agents over time.

2. Anomaly Detection

This page leverages a Genkit AI flow to analyze security signals and behavioral data from an agent. By providing logs or other signals, the AI can determine if the agent's behavior is anomalous, assign a risk score, and suggest potential remediation steps.

3. Policy Management

Here, you can view and manage the security policies that govern your agents. These policies are written in Rego, the language used by the Open Policy Agent (OPA), and are mapped to controls from security frameworks like the NIST AI RMF.

4. Shadow Monitor

This page addresses configuration drift. It shows a side-by-side comparison of an agent's production configuration against a "shadow" version and highlights unauthorized or risky changes in permissions, parameters, or model before the shadow version is promoted to production.
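The comparison the Shadow Monitor page describes can be expressed as a small drift check. The block below is an added example, not AAGATE project code; the AgentConfig shape, the list of high-risk permissions, the severity rules and the two sample configurations are assumptions constructed for illustration. It goes slightly beyond the page in that it also classifies each change by severity and derives a promotion gate from the result.

```typescript
// Added example, not AAGATE project code: a configuration-drift check of the kind
// the Shadow Monitor page describes. The AgentConfig shape, the high-risk permission
// list and the severity rules are assumptions for illustration.

export type Severity = "low" | "medium" | "high";

export interface AgentConfig {
  model: string;
  permissions: string[];                                   // e.g. "read:files", "exec:shell"
  parameters: { [key: string]: number | string | boolean };
}

export interface DriftFinding {
  field: string;
  severity: Severity;
  production: unknown;
  shadow: unknown;
  reason: string;
}

// Assumed: permissions whose appearance in a shadow config is always high risk
const HIGH_RISK_PERMISSIONS = ["exec:shell", "network:egress", "write:secrets"];

function parameterSeverity(key: string, before: unknown, after: unknown): Severity {
  // Assumed rules: turning off a safety-related flag is high, raising temperature is medium
  if (/safety|guard|filter/i.test(key) && before === true && after === false) return "high";
  if (key === "temperature" && typeof before === "number" && typeof after === "number" && after > before) {
    return "medium";
  }
  return "low";
}

export function detectDrift(production: AgentConfig, shadow: AgentConfig): DriftFinding[] {
  const findings: DriftFinding[] = [];

  if (production.model !== shadow.model) {
    findings.push({
      field: "model", severity: "high", production: production.model, shadow: shadow.model,
      reason: "model changed; prior evaluation and safety tuning no longer apply",
    });
  }

  // Permissions granted in shadow but not in production: privilege expansion
  for (const p of shadow.permissions) {
    if (!production.permissions.includes(p)) {
      findings.push({
        field: "permissions." + p,
        severity: HIGH_RISK_PERMISSIONS.includes(p) ? "high" : "medium",
        production: false, shadow: true,
        reason: "permission granted in shadow but absent in production",
      });
    }
  }
  // Permissions dropped in shadow: a move toward least privilege, but worth confirming
  for (const p of production.permissions) {
    if (!shadow.permissions.includes(p)) {
      findings.push({
        field: "permissions." + p, severity: "low", production: true, shadow: false,
        reason: "permission removed in shadow; confirm no workflow depends on it",
      });
    }
  }

  // Parameter changes, including keys present on only one side
  const keys = Object.keys(production.parameters);
  for (const k of Object.keys(shadow.parameters)) if (!keys.includes(k)) keys.push(k);
  for (const k of keys) {
    const before: unknown = production.parameters[k];
    const after: unknown = shadow.parameters[k];
    if (before === after) continue;
    findings.push({
      field: "parameters." + k, severity: parameterSeverity(k, before, after), production: before, shadow: after,
      reason: before === undefined ? "parameter added" : after === undefined ? "parameter removed" : "parameter value changed",
    });
  }
  return findings;
}

export function highestSeverity(findings: DriftFinding[]): Severity | "none" {
  const rank = { low: 1, medium: 2, high: 3 };
  let top: Severity | "none" = "none";
  for (const f of findings) {
    if (top === "none" || rank[f.severity] > rank[top]) top = f.severity;
  }
  return top;
}

// Constructed sample: the shadow config gains shell execution, loses a read scope,
// raises temperature and disables a safety filter.
export const productionConfig: AgentConfig = {
  model: "gemini-2.0-flash",
  permissions: ["read:files", "read:tickets"],
  parameters: { temperature: 0.2, safetyFilter: true, maxOutputTokens: 1024 },
};
export const shadowConfig: AgentConfig = {
  model: "gemini-2.0-flash",
  permissions: ["read:files", "exec:shell"],
  parameters: { temperature: 0.7, safetyFilter: false, maxOutputTokens: 1024 },
};

export const sampleFindings = detectDrift(productionConfig, shadowConfig);
// Promotion gate: any high-severity finding blocks rolling the shadow config to production
export const blockPromotion = highestSeverity(sampleFindings) === "high";
```

On the sample configs this yields four findings (shell execution added, a read scope removed, temperature raised, safety filter disabled) and the gate blocks promotion. Removed permissions are reported at low severity rather than ignored, because a diff that only flags additions would miss a shadow config that silently drops a scope some workflow still relies on.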

5. Violation Analysis

When a policy violation occurs, this tool provides an AI-powered analysis. By inputting the violation details and relevant security logs, the system uses Genkit to classify the violation, provide contextual insights based on frameworks like MAESTRO and AIVSS, and recommend specific remediation actions.

Getting Started

Prerequisites

Before you begin, ensure you have the following installed:

  • Node.js: Version 20 or higher
  • npm: Version 9 or higher
  • Google AI API Key: Get one from Google AI Studio

Installation

  1. Clone the repository:

    git clone https://github.com/owasp/aagate.git
    cd aagate
  2. Install dependencies:

    npm install

Environment Setup

Create a .env file in the root of the project (keep it out of version control; Genkit reads the key server-side):

# Required: Google AI API key for Genkit
# Do not prefix it with NEXT_PUBLIC_, which would inline it into the browser bundle
GEMINI_API_KEY=your_google_ai_api_key_here

Running the Application

Development uses two servers. The web app calls the Genkit flows in-process through Server Actions, so the dashboard works with only the Next.js server; the Genkit dev server adds the flow-testing UI:

Terminal 1 - Next.js Development Server:

npm run dev
  • Starts the web application on http://localhost:9002
  • Supports hot module replacement for fast development

Terminal 2 - Genkit Development Server:

npm run genkit:watch
  • Starts the Genkit AI flows server on http://localhost:4000
  • Provides a development UI for testing AI flows
  • Watches for changes and reloads automatically

Access the Application:

  • Main Dashboard: http://localhost:9002
  • Genkit Dev UI: http://localhost:4000

Project Structure

aagate/
├── src/
│   ├── app/                      # Next.js App Router pages
│   │   ├── page.tsx             # Dashboard overview
│   │   ├── agent/[id]/          # Agent detail pages
│   │   ├── anomaly-detection/   # Anomaly detection feature
│   │   ├── policies/            # Policy management
│   │   ├── shadow-monitor/      # Configuration drift detection
│   │   └── violation-analysis/  # Policy violation analysis
│   ├── ai/
│   │   ├── genkit.ts            # Genkit AI configuration
│   │   ├── flows/               # AI flow definitions
│   │   │   ├── detect-agent-anomalies.ts
│   │   │   └── analyze-policy-violation.ts
│   │   └── dev.ts               # Genkit development server
│   ├── actions/                  # Next.js Server Actions
│   │   ├── anomaly.ts
│   │   └── violation.ts
│   ├── components/
│   │   ├── ui/                  # ShadCN UI components
│   │   ├── dashboard-layout.tsx # Main layout wrapper
│   │   ├── page-header.tsx      # Page header component
│   │   └── risk-score-chart.tsx # Risk visualization
│   └── lib/
│       ├── types.ts             # TypeScript type definitions
│       ├── mock-data.ts         # Mock agent and policy data
│       └── utils.ts             # Utility functions
├── docs/                         # Additional documentation
├── .env                          # Environment variables (not in repo)
├── package.json                  # Project dependencies
├── tsconfig.json                 # TypeScript configuration
├── tailwind.config.ts            # Tailwind CSS configuration
└── next.config.ts                # Next.js configuration

Development

Available Commands

  • npm run dev: Start the Next.js development server (port 9002)
  • npm run genkit:watch: Start the Genkit dev server with hot reload (port 4000)
  • npm run genkit:dev: Start the Genkit dev server without watch mode
  • npm run build: Build for production
  • npm run start: Start the production server
  • npm run lint: Run ESLint for code quality checks
  • npm run typecheck: Run TypeScript type checking

Adding New Features

Adding a New AI Analysis Feature

  1. Create a Genkit flow in src/ai/flows/your-feature.ts:

    import { ai } from '@/ai/genkit';
    import { z } from 'genkit';
    
    const InputSchema = z.object({
      // Define input fields, e.g. agentId: z.string(), logs: z.string()
    });
    export type Input = z.infer<typeof InputSchema>;
    
    const OutputSchema = z.object({
      // Define output fields, e.g. riskScore: z.number(), summary: z.string()
    });
    export type Output = z.infer<typeof OutputSchema>;
    
    // Prompt bound to both schemas; the model's reply is parsed against OutputSchema
    const prompt = ai.definePrompt({
      name: 'yourFeaturePrompt',
      input: { schema: InputSchema },
      output: { schema: OutputSchema },
      prompt: 'Describe the task here and reference input fields as {{fieldName}}.',
    });
    
    const yourFeatureFlow = ai.defineFlow(
      { name: 'yourFeatureFlow', inputSchema: InputSchema, outputSchema: OutputSchema },
      async (input) => {
        const { output } = await prompt(input);
        // Model output is untrusted; fail explicitly rather than returning undefined
        if (!output) throw new Error('Model returned no structured output');
        return output;
      }
    );
    
    export async function yourFeature(input: Input): Promise<Output> {
      return yourFeatureFlow(input);
    }
  2. Create a Server Action in src/actions/your-feature.ts:

    "use server";
    import { yourFeature, type Input } from "@/ai/flows/your-feature";
    
    export async function yourFeatureAction(input: Input) {
      try {
        const result = await yourFeature(input);
        return { success: true as const, data: result };
      } catch (error) {
        // `error` is `unknown` under strict mode; narrow before reading .message.
        // Server Actions are callable by any client, so in production prefer a
        // generic message here and keep the provider error in server logs.
        const message = error instanceof Error ? error.message : String(error);
        return { success: false as const, error: message };
      }
    }
  3. Create a page in src/app/your-feature/page.tsx

  4. Add navigation in src/components/dashboard-layout.tsx

For detailed development guidance, see CLAUDE.md.

Security Frameworks

AAGATE integrates multiple security frameworks for comprehensive AI governance:

Supported Frameworks

  • NIST AI RMF: AI Risk Management Framework, used to map policies to governance and risk-management controls
  • MAESTRO: Cloud Security Alliance threat-modeling framework for agentic AI systems, used as context in violation analysis
  • AIVSS: OWASP Artificial Intelligence Vulnerability Scoring System
  • SEI SSVC: Stakeholder-Specific Vulnerability Categorization
  • CSA Red Teaming Guide: Cloud Security Alliance guidelines for AI testing

Security Features

  • ✅ Anomaly detection over submitted agent logs and signals (Genkit flow)
  • ✅ Policy definitions in Rego (OPA), mapped to framework controls
  • ✅ Configuration drift comparison (Shadow Monitor)
  • ✅ Risk scoring and trending (backed by mock data in the current version)
  • ✅ AI-powered violation analysis
  • ✅ Behavioral constraints expressed as policies

Troubleshooting

Common Issues

Port Already in Use

# If port 9002 or 4000 is already in use, kill the process:
lsof -ti:9002 | xargs kill -9
lsof -ti:4000 | xargs kill -9

Genkit API Key Error

Error: GEMINI_API_KEY is not set
  • Ensure .env file exists in project root
  • Verify the API key is correct
  • Restart both development servers after adding the key

Module Not Found Errors

# Clear node_modules and reinstall
rm -rf node_modules package-lock.json
npm install

TypeScript Errors

# Run type checking to identify issues
npm run typecheck

Build Errors

# Clear Next.js cache and rebuild
rm -rf .next
npm run build

Contributing

We welcome contributions from the community! If you'd like to contribute, please follow these steps:

  1. Fork the repository on GitHub.
  2. Create a new branch for your feature or bug fix.
  3. Make your changes and commit them with clear, descriptive messages.
  4. Push your branch to your forked repository.
  5. Open a pull request to the main repository, detailing the changes you've made.

Please ensure your code adheres to the project's coding standards and includes tests where applicable.

Development Guidelines

  • Follow TypeScript strict mode conventions
  • Use Server Components by default (add 'use client' only when needed)
  • Place AI flows in src/ai/flows/ with proper Zod schemas
  • Wrap flows in Server Actions for frontend consumption
  • Use ShadCN UI components for consistent styling
  • Follow the existing project structure and patterns
  • Add type definitions to src/lib/types.ts for shared models

License

This project is licensed under the MIT License.

MIT License

Copyright (c) 2024 OWASP Foundation

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

Resources

Documentation

OWASP AIVSS

Built with ❤️ by the OWASP AIVSS Team
