Docs / Security / Agent Governance
Agent governance security model
Gvner tracks every agent, enforces baselines, and records anomalies and enforcement actions as audit‑grade evidence.
What is secured
Agent inventory
Every agent has a declared owner, purpose, scope, budget, and runtime. No anonymous agents.
Baseline capture
Agents are activated only after a baseline snapshot is captured and hashed.
Anomalies & drift
Changes from baseline and abnormal behavior create anomaly records and alerts.
Enforcement actions
Suspensions, rollbacks, and overrides are always logged to the audit trail.
How to use
1. Review control
Understand the control definition.
2. Verify implementation
Confirm evidence output exists.
3. Export proof
Generate evidence for auditors.
4. Monitor drift
Track changes to control posture.
Console pages
Evidence exports
Agent registry snapshot (export registry + hashes)
Anomaly and enforcement reports (read‑only)
Regulator packet with baselines and attestations
Key API endpoints
GET /agents/registry — agent registryGET /agents/anomalies — anomaly findingsEvidence outputs
Agent governance evidence exports
Anomaly + enforcement logs