The open-source project maps directly to OWASP’s top 10 agentic AI threats, aiming to curb issues like prompt injection, rogue agents, and tool misuse at runtime.

InfoWorld is a source of news, analysis, and commentary on technology trends, IT strategies, and business innovation. With a focus on enterprise technology and digital transformation, InfoWorld offers insights and guidance for IT decision-makers, software developers, and technology professionals. From  articles on cloud computing and cybersecurity to product reviews and industry trends, InfoWorld helps readers navigate the complexities of modern IT environments and make informed decisions to drive business success.

InfoWorld

Microsoft has released the Agent Governance Toolkit, an open-source runtime security layer for AI agents that maps directly to OWASP's top 10 agentic AI risks. The toolkit addresses threats like prompt injection, goal hijacking, tool misuse, rogue agents, and identity abuse. It comprises seven modular components — including Agent OS, Agent Mesh, Agent Runtime, Agent SRE, Agent Compliance, and Agent Lightning — available in Python, TypeScript, Rust, Go, and .NET. Designed to be framework-agnostic, it integrates with LangChain, CrewAI, Google ADK, and Microsoft Agent Framework without requiring code rewrites. Currently in public preview under an MIT license, Microsoft plans to transition it to a foundation-led governance model in collaboration with the OWASP agentic AI community.

Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents