📚 Tutorials

Step-by-step guides for every layer of the Agent Governance Toolkit — from your first policy rule to production-grade observability. Each tutorial includes runnable code examples, API reference tables, and cross-references to related guides.

New here? Start with Tutorial 01 — Policy Engine, then follow the numbered sequence. Each tutorial builds on concepts from earlier ones.


Getting Started

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| | Retrofit Governance onto an Existing Agent | Add policy enforcement to any existing agent in 3 steps | agent-os-kernel |

Core Governance

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| 01 | Policy Engine | YAML rules, operators, conflict resolution, middleware integration | agent-os-kernel |
| 02 | Trust & Identity | Ed25519 credentials, DIDs, SPIFFE/SVID, trust scoring (0–1000) | agentmesh-platform |
| 03 | Framework Integrations | Govern LangChain, CrewAI, AutoGen, OpenAI Agents, Google ADK | agent-os-kernel |
| 04 | Audit & Compliance | Append-only audit logs, hash chains, OWASP ASI mapping | agent-governance-toolkit |

Policy & Security

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| 07 | MCP Security Gateway | Tool poisoning detection, parameter sanitization, human-in-the-loop | agent-os-kernel |
| 08 | OPA/Rego & Cedar Policies | External policy backends, 3 evaluation modes, enterprise policies | agent-os-kernel |
| 09 | Prompt Injection Detection | 7 attack types, MemoryGuard, ConversationGuardian, red-teaming | agent-os-kernel |

Runtime & Execution

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| 05 | Agent Reliability (SRE) | SLOs, error budgets, circuit breakers, chaos testing | agent-sre |
| 06 | Execution Sandboxing | 4-tier privilege rings, resource limits, termination control | agentmesh-runtime |
| 11 | Saga Orchestration | Multi-step transactions, DSL, fan-out, compensating actions | agentmesh-runtime |
| 12 | Liability & Attribution | Vouching, slashing, causal attribution, quarantine | agentmesh-runtime |
| 14 | Kill Switch & Rate Limiting | Emergency termination, rate limiting, ring elevation | agentmesh-runtime |

Trust & Networking

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| 16 | Protocol Bridges | A2A, MCP proxy, IATP attestation, trust-gated communication | agentmesh-platform |
| 17 | Advanced Trust & Behavior | Behavior monitoring, reward engine, trust policies, shadow mode | agentmesh-platform |

Ecosystem

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| 10 | Plugin Marketplace | Plugin signing, verification, CLI, supply-chain security | agentmesh-marketplace |
| 13 | Observability & Tracing | Causal traces, event bus, Prometheus, OpenTelemetry | agentmesh-runtime |
| 15 | RL Training Governance | GovernedRunner, PolicyReward, Gym-compatible environments | agentmesh-lightning |
| 18 | Compliance Verification | Governance grading, regulatory frameworks, attestation | agent-governance-toolkit |

Multi-Language SDKs

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| 19 | .NET SDK | GovernanceKernel, policy, rings, saga, SLO, OpenTelemetry in C# | Microsoft.AgentGovernance |
| 20 | TypeScript SDK | Identity, trust, policy, audit in TypeScript/Node.js | @agentmesh/sdk |
| 21 | Rust SDK | Policy, trust, audit, identity with agentmesh crate | agentmesh |
| 22 | Go SDK | Policy, trust, audit, identity with Go module | agentmesh |

Delegation & Cost Control

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| 23 | Delegation Chains | Monotonic scope narrowing, multi-agent delegation, cascade revocation | @agentmesh/sdk |
| 24 | Cost & Token Budgets | Per-session token limits, context scheduling, budget signals | agent-os-kernel |

Supply Chain Security

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| 25 | Security Hardening | Gitleaks, Dependabot, CodeQL, fuzzing, Scorecard, branch protection | agent-governance-toolkit |
| 26 | SBOM & Signing | SPDX/CycloneDX SBOMs, Ed25519 artifact signing, attestation | agent-compliance |
| 27 | MCP Scan CLI | MCP tool scanning, rug-pull detection, CI integration | agent-os-kernel |

Extending the Toolkit

| # | Tutorial | What You'll Learn | Package |
|---|----------|-------------------|---------|
| 28 | Building Custom Integrations | Trust integrations, kernel adapters, publishing your own governance package | agent-os-kernel / standalone |

Learning Paths

🚀 "I want to govern my agent in 10 minutes"

  1. 01 — Policy Engine → define allow/deny rules
  2. 03 — Framework Integrations → wrap your framework
  3. 04 — Audit & Compliance → log everything

🔒 "I need production-grade security"

  1. 02 — Trust & Identity → cryptographic agent identity
  2. 09 — Prompt Injection Detection → input security
  3. 07 — MCP Security Gateway → tool call security
  4. 06 — Execution Sandboxing → privilege rings
  5. 14 — Kill Switch & Rate Limiting → emergency controls
  6. 25 — Security Hardening → CI/CD security gates
  7. 27 — MCP Scan CLI → scan tool definitions for threats

🏢 "I need enterprise compliance"

  1. 08 — OPA/Rego & Cedar → bring existing policies
  2. 04 — Audit & Compliance → tamper-proof audit trails
  3. 18 — Compliance Verification → regulatory grading
  4. 13 — Observability & Tracing → distributed tracing
  5. 26 — SBOM & Signing → supply chain security

🤖 "I'm building multi-agent systems"

  1. 02 — Trust & Identity → agent credentials
  2. 23 — Delegation Chains → scope narrowing and delegation
  3. 16 — Protocol Bridges → cross-protocol communication
  4. 11 — Saga Orchestration → multi-step workflows
  5. 12 — Liability & Attribution → who's responsible
  6. 17 — Advanced Trust & Behavior → dynamic trust
  7. 24 — Cost & Token Budgets → control agent spend

Prerequisites

  • Python 3.10+ for Python tutorials (01–18, 24–27)
  • .NET 8.0+ for the .NET tutorial (19)
  • Node.js 18+ for the TypeScript tutorials (20, 23)
  • Rust 1.75+ for the Rust tutorial (21)
  • Go 1.21+ for the Go tutorial (22)

Install the full toolkit:

pip install agent-governance-toolkit[full]    # Python
dotnet add package Microsoft.AgentGovernance  # .NET
npm install @agentmesh/sdk                    # TypeScript
cargo add agentmesh                           # Rust
go get github.com/microsoft/agent-governance-toolkit/sdks/go  # Go

More Resources