Proposal: Agent Governance MCP Server
Summary
A new community MCP server that provides governance capabilities for any MCP client — policy enforcement for tool calls, threat detection, trust scoring for multi-agent delegation, and compliance audit trails.
Why an MCP Server?
Governance needs to work across all MCP clients (Claude, Copilot, ADK, Cursor, etc.) without each client implementing its own governance logic. An MCP governance server provides:
- Universal policy enforcement — Any MCP client can check tool calls against policies before execution
- Centralized threat detection — Scan tool arguments for data exfiltration, prompt injection, privilege escalation
- Trust scoring — Score agent-to-agent delegation requests with configurable thresholds
- Compliance audit — Append-only audit trail queryable across all connected clients
Proposed Tools
```json
{
  "tools": [
    {
      "name": "governance_check_policy",
      "description": "Validate a tool call against loaded governance policies",
      "inputSchema": {
        "type": "object",
        "properties": {
          "tool_name": { "type": "string" },
          "tool_args": { "type": "object" },
          "agent_id": { "type": "string" },
          "context": { "type": "object" }
        },
        "required": ["tool_name"]
      }
    },
    {
      "name": "governance_detect_threats",
      "description": "Scan content for known threat patterns",
      "inputSchema": {
        "type": "object",
        "properties": {
          "content": { "type": "string" },
          "categories": { "type": "array", "items": { "type": "string" } }
        },
        "required": ["content"]
      }
    },
    {
      "name": "governance_score_trust",
      "description": "Calculate trust score for agent delegation",
      "inputSchema": {
        "type": "object",
        "properties": {
          "source_agent": { "type": "string" },
          "target_agent": { "type": "string" },
          "delegation_scope": { "type": "array", "items": { "type": "string" } }
        },
        "required": ["source_agent", "target_agent"]
      }
    },
    {
      "name": "governance_audit_log",
      "description": "Log a governance event to the audit trail",
      "inputSchema": {
        "type": "object",
        "properties": {
          "event_type": { "type": "string", "enum": ["tool_call", "policy_check", "threat_detected", "delegation"] },
          "details": { "type": "object" },
          "severity": { "type": "string", "enum": ["info", "warning", "critical"] }
        },
        "required": ["event_type", "details"]
      }
    },
    {
      "name": "governance_audit_query",
      "description": "Query the audit trail for compliance reporting",
      "inputSchema": {
        "type": "object",
        "properties": {
          "time_range": { "type": "string" },
          "event_type": { "type": "string" },
          "severity": { "type": "string" },
          "agent_id": { "type": "string" }
        }
      }
    }
  ]
}
```

Proposed Resources
```json
{
  "resources": [
    {
      "uri": "governance://policies/active",
      "name": "Active Governance Policies",
      "mimeType": "application/json"
    },
    {
      "uri": "governance://audit/recent",
      "name": "Recent Audit Events",
      "mimeType": "application/json"
    }
  ]
}
```

Implementation
We would implement this in Python using the MCP Python SDK, backed by:
- YAML-based policy configuration (matching Agent-OS policy format)
- SQLite for audit trail storage
- Configurable governance levels (permissive/moderate/strict/paranoid)
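To make the `governance_check_policy` / `governance_audit_log` / `governance_audit_query` tools and the implementation sketch above concrete, here is an added, self-contained example of the server-side logic those tools would wrap. It is illustrative code written for this proposal, not the Agent-OS or AgentMesh implementation, and it does not use the MCP Python SDK so that it runs without extra dependencies. The policy document is a constructed dict shaped like an already-parsed YAML file (the `rules`, `effect`, `when`, `min_level` keys are assumptions, not the real Agent-OS format), the four governance levels are taken from the list above, and the audit trail is an in-memory SQLite table whose API exposes only insert and select, so it is append-only by construction.

```python
import json
import sqlite3
import time

# Governance levels from the proposal, ordered from least to most restrictive.
LEVELS = ["permissive", "moderate", "strict", "paranoid"]

# Constructed example policy (assumed shape, stands in for a parsed YAML file).
# Rules are evaluated top to bottom; the first match decides, and a tool call
# that matches no rule is denied.
POLICIES = {
    "governance_level": "strict",
    "rules": [
        # Deny writes under /etc regardless of level.
        {"tool": "filesystem.write", "effect": "deny",
         "when": {"arg": "path", "prefix": "/etc"}},
        # Deny shell execution only once the level is strict or paranoid.
        {"tool": "shell.exec", "effect": "deny", "min_level": "strict"},
        # Everything else is allowed.
        {"tool": "*", "effect": "allow"},
    ],
}


def rule_matches(rule, tool_name, tool_args, level):
    """Return True when a rule applies to this tool call at this level."""
    if rule["tool"] not in ("*", tool_name):
        return False
    min_level = rule.get("min_level")
    if min_level and LEVELS.index(level) < LEVELS.index(min_level):
        return False  # rule is only active at min_level or above
    cond = rule.get("when")
    if cond:
        value = str(tool_args.get(cond["arg"], ""))
        if not value.startswith(cond["prefix"]):
            return False
    return True


def check_policy(policies, tool_name, tool_args=None, agent_id="unknown"):
    """Backend for governance_check_policy: first matching rule wins, default deny."""
    tool_args = tool_args or {}
    level = policies.get("governance_level", "moderate")
    for rule in policies["rules"]:
        if rule_matches(rule, tool_name, tool_args, level):
            return {"allowed": rule["effect"] == "allow", "rule": rule,
                    "level": level, "agent_id": agent_id}
    return {"allowed": False, "rule": None, "level": level, "agent_id": agent_id}


class AuditTrail:
    """Backend for governance_audit_log / governance_audit_query (SQLite)."""

    def __init__(self, path=":memory:"):
        self.conn = sqlite3.connect(path)
        self.conn.execute(
            "CREATE TABLE IF NOT EXISTS events (id INTEGER PRIMARY KEY, ts REAL, "
            "event_type TEXT, severity TEXT, agent_id TEXT, details TEXT)")

    def log(self, event_type, details, severity="info", agent_id=None):
        # Only INSERT is ever issued; there is no update/delete path.
        self.conn.execute(
            "INSERT INTO events (ts, event_type, severity, agent_id, details) "
            "VALUES (?, ?, ?, ?, ?)",
            (time.time(), event_type, severity, agent_id, json.dumps(details)))
        self.conn.commit()

    def query(self, event_type=None, severity=None, agent_id=None, since=None):
        sql = "SELECT ts, event_type, severity, agent_id, details FROM events WHERE 1=1"
        params = []
        # Column names come from this fixed tuple, never from the caller;
        # caller values are bound as parameters.
        for col, val in (("event_type", event_type), ("severity", severity),
                         ("agent_id", agent_id)):
            if val is not None:
                sql += f" AND {col} = ?"
                params.append(val)
        if since is not None:
            sql += " AND ts >= ?"
            params.append(since)
        rows = self.conn.execute(sql + " ORDER BY id", params).fetchall()
        return [{"ts": r[0], "event_type": r[1], "severity": r[2],
                 "agent_id": r[3], "details": json.loads(r[4])} for r in rows]


def governed_call(policies, trail, tool_name, tool_args, agent_id):
    """What an MCP client would do before executing a tool: check, then record."""
    verdict = check_policy(policies, tool_name, tool_args, agent_id)
    trail.log("policy_check",
              {"tool_name": tool_name, "tool_args": tool_args,
               "allowed": verdict["allowed"], "level": verdict["level"]},
              severity="info" if verdict["allowed"] else "warning",
              agent_id=agent_id)
    return verdict["allowed"]


if __name__ == "__main__":
    trail = AuditTrail()
    governed_call(POLICIES, trail, "filesystem.write", {"path": "/etc/passwd"}, "agent-a")
    governed_call(POLICIES, trail, "filesystem.write", {"path": "/tmp/out.txt"}, "agent-a")
    for event in trail.query(agent_id="agent-a"):
        print(event["severity"], event["details"])
```

The ordering of `LEVELS` is what lets one rule set serve all four governance levels: a rule with `min_level` is simply inactive below that level, so switching from `strict` to `permissive` needs no second policy file. Denied calls are logged at `warning` severity so that `governance_audit_query` with `severity="warning"` yields the compliance-relevant subset directly.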
Context
We maintain Agent-OS and AgentMesh governance frameworks. Related proposals:
- google/mcp-security #237 — MCP security governance extension
- anthropics/skills #412 — Governance skill
- anthropics/claude-plugins-official #415 — Governance plugin
Happy to submit a PR with the implementation.