Acacian/aegis

v0.2.0 Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 2mo MCP Security & Auth

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

agent-security ai-agent-security ai-agents ai-governance ai-safety ai-security

+14 more

audit-trail compliance guardrails langchain llm-security mcp mcp-security model-context-protocol pii-detection policy-as-code policy-engine policy-testing prompt-injection selection-governance

Affected surfaces

auth rbac

Summary

AI summary

New Web Governance Dashboard with real‑time audit streaming and policy editor is introduced.

Full changelog

What's New

🖥️ Web Governance Dashboard

Real-time SPA dashboard with 7 pages (overview, audit, policy, anomalies, compliance, regulatory, system)
WebSocket real-time streaming: /ws/audit streams audit entries live to connected clients
Policy editor: in-dashboard YAML editor with validate and save/reload (hot-reload)
Audit JSON export: one-click filtered export from dashboard audit page
Auto-refresh overview (30s, toggleable)
aegis serve policy.yaml --seed-demo 200 populates demo data for evaluation

🎮 Interactive Playground

Browser-only policy playground — no install, no backend
YAML + glob matching in pure JS, try policies instantly

🏢 Enterprise Features

Cryptographic audit chain: SHA-256/SHA3-256 hash-linked, tamper-evident (EU AI Act Art.12 + SOC2 CC7.2)
Regulatory compliance mapper: EU AI Act (10 req), NIST AI RMF (8 req), SOC2 (6 req), ISO 42001
Behavioral anomaly detection: rate spike, burst, new-action, unusual target, auto policy generation
Compliance report generator: SOC2, GDPR, governance from audit logs
RBAC: 12 permissions, 5 hierarchical roles, thread-safe AccessController
Multi-tenant isolation: TenantContext, TenantRegistry, quota enforcement
Policy versioning: git-like commit, diff, rollback, tagging
Rate limiter: per-agent and global sliding-window
Webhook notifications: Slack, PagerDuty, generic JSON

🛡️ CI/CD Governance

GitHub Action: aegis-action for policy enforcement in PR and deploy pipelines
Shields.io badge: GET /api/v1/badge/score for README embedding

🔍 AI-Specific Deep Features

Semantic conditions engine (keyword + pluggable LLM evaluator)
Agent trust chain (hierarchical identity, delegation, cascade revocation)
Policy diff & impact analysis (aegis diff)
Natural language autopolicy (aegis autopolicy)
Adversarial probe (aegis probe)
Policy testing framework with auto-generation
Action replay & simulation engine

📊 Stats

1,776+ tests passing
27 core modules, 65 source files
mypy --strict clean
CI green on Python 3.11, 3.12, 3.13

Full Changelog: https://github.com/Acacian/aegis/compare/v0.1.8...v0.2.0

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Acacian/aegis

Get notified when new releases ship.

About Acacian/aegis

Policy-based governance for AI agent tool calls. YAML policies, approval gates, risk assessment, and audit logging. Cross-platform: LangChain, OpenAI, Anthropic, MCP.

All releases →