Roadmap

createGovernance(), enforce(), register(). 13 condition types. Boolean combinators. Priority-ordered evaluation.

createGovernanceMiddleware() and createGovernedMCPProcessor() — wrap every tool call with a single line.

createGovernedTools() wraps any AI SDK tool definition with before-action enforcement.

detectInjection() across 7 categories: instruction override, role switch, data exfil, command injection, goal hijacking, prompt leakage, and more.

kill(), killAll(), revive(), reviveAll() at priority 999. Per-process in OSS; distributed in Cloud.

Composite 0–100 score across auth, guardrails, observability, audit, oversight, compliance, identity. L0–L4 levels.

governTool() wraps any DynamicTool or StructuredTool with full policy enforcement.

createIntegrityChain() with append(), verify(), and export(). Tamper detection with exact broken-link location.

assessCompliance() mapping to Articles 9, 11, 12, 14, 15, 50. getDaysUntilDeadline().

Auto-migration on first connect. No migrations file needed. Zero config beyond connection string.

on('enforce', 'register', 'kill', 'score') lifecycle hooks. Latency histograms, block ratios, enforcement rates.

governAgent() for @openai/agents. Govern an entire OpenAI agent with one call.

createEnterpriseGovernance(): RBAC, multi-tenant namespacing, fleet analytics, policy templates (fintech, healthcare, saas).

Broad coverage across the enforcement hot path, audit-chain verification, and framework adapters. Scope-honesty pass in v0.11 trimmed 5 unused modules; test suite still passes clean.

Middleware adapters for Apollo Server, tRPC, and Hono that govern AI-generated query execution before resolver runs.

Detect when a registered agent's tool usage pattern drifts from its baseline. Alert or auto-kill on statistical anomaly.

Native adapter for Model Context Protocol servers. governance-sdk/plugins/mcp ships today; roadmap item covers response-side sanitization and credential redaction.

Compile the enforcement hot path to WebAssembly so governance runs natively in Cloudflare Workers, Deno Deploy, and other Wasm-friendly runtimes. Latency targets TBD after prototype.

Hosted version of the admin dashboard with live fleet metrics, audit log search, compliance reporting, and team management.

governance validate, governance apply, governance diff — manage policies from git, deploy via CI/CD pipeline.

When agent A calls agent B, propagate governance context and enforce trust-level requirements across the call graph.

Use Z3/SMT solvers to prove that a policy set can't have conflicting rules that produce undefined outcomes.

Conflict-free replicated policy updates across distributed agent instances with guaranteed consistency.