Cryptographically signed policies that constrain AI agent behavior. Same attestation primitives as cilock, applied to agent execution: identity binding via MCP, JWT + signing-key separation, sublayouts for sub-agents.
golang mcp attestation ai-safety ai-agents supply-chain-security sigstore agent-security signed-policy
-
Updated
May 28, 2026 - Go