Microsoft Open-Sources AI Agent Governance Toolkit for Enterprise Compliance

Microsoft released its Agent Governance Toolkit as open source under the MIT license on April 3, 2026. The toolkit is the first to address all ten OWASP agentic AI risks and is designed to provide runtime security governance for autonomous AI agents.

The core "Agent Compliance" package automates governance verification and includes direct mapping to the EU AI Act, HIPAA, and SOC2. The timing is deliberate: the EU AI Act's high-risk AI obligations take effect in August 2026, and many enterprises are still unprepared.

The toolkit is a seven-package system available in Python, TypeScript, Rust, Go, and .NET. Microsoft has stated its intention to eventually transfer the project to an independent foundation for community governance, noting that "agent governance is too important to be controlled by any single vendor."

For enterprise teams deploying agentic AI, this free toolkit provides a structured approach to what is otherwise a fragmented compliance landscape. The repository is available at microsoft/agent-governance-toolkit on GitHub.