Python: [Python][Agents] AgentMesh: Trust and Governance Layer

[imran-siddique]

Summary

Adds agentmesh module to \semantic_kernel.agents\ providing cryptographic identity verification and governance controls for Semantic Kernel agents.

Features

Trust Layer

• CMVKIdentity: Ed25519-based cryptographic identity
• TrustedAgentCard: Agent discovery and verification
• TrustHandshake: Peer verification protocol

Governance Layer

• GovernancePolicy: Comprehensive policy configuration
• GovernedAgent: Agent wrapper with policy enforcement
• GovernanceKernel: Kernel wrapper with governance controls

Governance Capabilities

Feature	Description
Rate Limiting	Per-minute and per-hour limits
Function Control	Allow/deny lists for functions
Resource Limits	Concurrent tasks, memory limits
Audit Logging	Full invocation audit trail
Trust Requirements	Identity verification, trust scores

Example

\\python
from semantic_kernel.agents.agentmesh import (
CMVKIdentity,
GovernedAgent,
GovernancePolicy,
)

identity = CMVKIdentity.generate('assistant', capabilities=['chat'])

policy = GovernancePolicy(
max_requests_per_minute=30,
allowed_functions=['chat'],
audit_all_invocations=True,
)

governed = GovernedAgent(agent=base_agent, identity=identity, policy=policy)
\\

Related

• AgentMesh Project
• Similar integrations: LangChain (#35057), LlamaIndex (#20644)

[moonbox3]

Python Test Coverage Report •

File	Stmts	Miss	Cover	Missing
__init__.py	4	0	100%
agents/agentmesh
__init__.py	4	4	0%	7–8, 14, 21
governance.py	169	169	0%	7, 9–12, 14–15, 26, 29–33, 36–37, 40–45, 48–49, 56–58, 61–63, 66–68, 71–74, 77–79, 82–83, 86–89, 92, 99, 112–115, 122–125, 127–128, 130, 132–133, 135, 137–138, 140, 142, 151, 153–154, 156, 159–162, 165–168, 171–174, 177–178, 180, 182, 191–193, 195–197, 199, 201, 219, 226–227, 229, 246–250, 252, 260, 262, 281, 284–287, 293–294, 297–298, 304–305, 308–309, 315–316, 319–320, 326, 329–330, 332–338, 340, 342, 344, 346, 348, 350, 352, 354, 356, 358, 360, 372, 378, 391–394, 401–402, 404, 406, 411–412, 414–415, 417, 419–420, 422, 424–425, 427, 429, 438–439, 441, 443
identity.py	79	79	0%	3, 5–10, 12–14, 16–18, 21–22, 25–28, 30–31, 38–41, 49–50, 53–58, 60–61, 63–65, 67–71, 73–75, 77, 85, 87–88, 90–94, 96–97, 99, 101, 103–104, 106–115, 117–118, 126–129, 137, 139
trust.py	93	93	0%	3, 5–8, 10, 13–14, 17–21, 24–25, 28–32, 35–36, 39–45, 47–48, 56, 58, 60–62, 64, 66–69, 71–72, 79–83, 85–89, 100, 103–107, 109–115, 117–118, 120, 127–128, 130–133, 135–136, 140–141, 145–146, 150–151, 157–161, 168, 175–176, 178–179
TOTAL	28492	5166	81%

Python Unit Test Overview

Tests	Skipped	Failures	Errors	Time
3833	23 💤	0 ❌	0 🔥	1m 45s ⏱️

[imran-siddique]

Ready for Final Review 🙏

This PR has been open for a while. The AgentMesh trust layer integration is complete and tested.

Could a maintainer please provide a final review? Happy to address any remaining concerns.

Thank you!

[moonbox3]

What's the requirement/need driving this?

[imran-siddique]

Great question! The need comes from several production multi-agent scenarios:

Key Requirements

1. Identity Verification - When agents communicate (A2A, multi-agent orchestration), there's no built-in way to verify "who" you're talking to. Without cryptographic identity, any process can claim to be any agent.

2. Trust-Gated Operations - Sensitive operations (code execution, data access, external API calls) should only be allowed from verified, trusted agents. This module provides configurable trust thresholds per operation.

3. Audit Compliance - Enterprise deployments need full audit trails of all agent invocations for compliance (GDPR, HIPAA, SOX). The governance layer logs every action with identity tracking.

4. Rate Limiting & Resource Control - Prevent runaway agents from exhausting resources. The policy layer enforces per-minute/per-hour limits and concurrent task bounds.

Real Example

In a multi-agent system where:

• Agent A requests Agent B to execute code
• Agent B should verify Agent A is trusted before execution
• All interactions must be logged for audit

This module makes that possible with minimal code changes:

\\python
governed = GovernedAgent(agent=base_agent, identity=identity, policy=policy)

Now all invocations are identity-verified, policy-checked, and audit-logged

\\

Similar integrations have been merged/submitted to AutoGen, CrewAI, A2A, and others. Happy to discuss specific use cases!