Governance Layer Alpha

Do you know what your AI agents did last night?

The first governance layer for autonomous agents. Inventory, Access, and Compliance as Code for the generative enterprise.

Or: GitHub

[ SYSTEM_STATE: STABLE ]

PROTOCOL_ACCESS: v1.0.4
KERNEL_HASH: 0x4f2a7...
LATENCY: 14ms
AGENTS_TRACKED: 1,402

agent_audit_stream.sh [ active ]

01Initialize: Governance_V1

02$ fetch agent_logs --filter="unauthorized_api_call"

03[ SCANNING CLUSTER-DELTA-9 ] ...

04ALERT: Agent_412 attempted vector_db override

05ACTION: protocol_quarantine applied

06GENERATE: compliance_report_24h.pdf

Explore Architecture

[SYSTEM] problem

Your agents are multiplying. Your governance isn't.

🤖

How many agents do you have?

Most companies can't answer this. The EU AI Act (Art. 11) requires you to.

📋

Who approved their access?

Agents read customer data, call APIs, make decisions. Where's the audit trail?

⚖️

Are they compliant?

DSGVO, NIS2, EU AI Act — regulations written for humans, applied to machines.

[SYSTEM] pipeline

The Autonomous Cycle

Streamline your AI deployment with our deterministic lifecycle. From YAML definitions to secure registry publication, every step is cryptographically verified.

.agents.yaml content_copy

agent: "Helix-7"
version: 1.2.0-stable
capabilities:
  - doc_ingestion
  - semantic_search

Declare

Define agent architecture and permissions in a standardized, machine-readable format.

check_circle

[ COMPLIANCE VERIFIED ]

CHECKSUM: 0x8F2...4E12

Validate

Automated security auditing and protocol compliance checking against the Helix-Core.

hub

NODE_STATUS ONLINE

Registry ID

HX-NODE-9901-ALPHA

Publish

Instantly deploy to the global Helix registry for enterprise-wide discovery and execution.

[SYSTEM] registry

Compliance Registry

Real-time verification of autonomous agent protocols. All instances are cryptographically hashed and verified against ISO-HELIX standards.

TOTAL_AGENTS 1,248

FAILED_CHECKS 0.02%

Research-Bot-X

ID: helix-agent-0x9a2

compliant

Protocol_Hash

SHA256: 8f2d...4e1a90c

Last_Checked 2026-03-12 14:22:01

analytics

Writer-Neural-V2

ID: helix-agent-0x4b1

pending

Protocol_Hash

SHA256: 3c7a...2f1b88e

Last_Checked AWAITING_VERIFICATION

sync

Legacy-Scraper-4

ID: helix-agent-0x1f9

non-compliant

Protocol_Hash

MISMATCH_DETECTED_004

Last_Checked 2026-03-19 09:12:44

report

DevOps-Automata

ID: helix-agent-0x7c3

compliant

Protocol_Hash

SHA256: d91e...22c4a1b

Last_Checked 2026-03-12 16:05:30

shield

add_circle Register_New_Agent

[SYSTEM] solution

One file. Complete agent governance.

.agents.yaml gives you a file-first registry for identity, risk class, human oversight, data processing, and public trust signals.

solution.example.yaml[ compliant ]

agents:
  - id: "acme/support-bot"
    risk_class: limited
    autonomy_level: supervised
    data_processing:
      legal_basis: "Art. 6(1)(b) DSGVO"
    human_oversight:
      required: true

📄

file-first

File-first, no vendor lock-in

A YAML file in your repo. No SaaS subscription required.

🛡️

native mapping

Compliance-native

Every field maps to EU AI Act, DSGVO, or NIS2 requirements.

🌱

progressive disclosure

Start minimal. Grow into Annex IV.

Start in 5 minutes, scale to full technical documentation later.

[SYSTEM] dual address

You're reading the human layer.

Your AI agents can discover this spec at:

/.well-known/agents.yaml /.well-known/agent-card.json /llms.txt

This page exists in two versions. You're looking at one of them.

[SYSTEM] regulatory mapping

Built for the regulations that matter.

EU AI Act Art. 11Technical documentation for high-risk AI

EU AI Act Art. 9Risk management system

EU AI Act Art. 14Human oversight requirements

EU AI Act Art. 50Transparency obligations

DSGVO Art. 30Records of processing activities (VVT)

NIS2Security incident documentation

[SYSTEM] open standard

Not a product. A standard.

We believe compliance should be transparent, interoperable, and free from vendor lock-in. .agents.yaml is our contribution.

🆓

license

Spec is CC-BY-4.0

Free forever, open for reuse, and designed to outlive any one vendor.

🔧

tooling

Tooling is MIT-licensed

Validators, generators, and CI integrations should be inspectable and forkable.

🌍

community

GitHub-first, community-driven

Roadmap, issues, and debate happen in public. No black-box compliance theater.

[SYSTEM] who it's for

Built for the people who will be asked uncomfortable questions first.

AI Engineers

“Finally, a way to document agents that isn't a 50-page PDF.”

Compliance Officers

“Agent inventory that maps to Art. 30 VVT and Art. 11 Technical Docs.”

CTOs

“Know exactly what your AI fleet does — before the auditor asks.”

DevOps

“Compliance checks in CI/CD, not in quarterly reviews.”

[SYSTEM] early adopter

Secure your agent governance today.

Deploy immutable policy frameworks for autonomous agents. Ensure compliance and safety at the speed of inference.