Python: Kevros Governance plugin — action verification + audit trails for SK agents

[knuckles-stack]

Kevros Governance Plugin for Semantic Kernel

Governance-as-a-service for Semantic Kernel agents. Cryptographic action verification (ALLOW/CLAMP/DENY), hash-chained provenance, intent-command binding, and compliance bundles.

OpenAI Function Definitions (ready to use)

Pre-built function calling definitions for Semantic Kernel's OpenAI integration:
https://github.com/ndl-systems/kevros-governance-sdk/blob/main/openai_tools.json

Python SDK

```
pip install git+https://github.com/ndl-systems/kevros-governance-sdk.git
```

Use Case

SK agents taking real-world actions (enterprise workflows, data mutations, API calls) where you need tamper-evident proof of what the AI decided. EU AI Act, NYC Law 144, SOC2 audit compliance.

Gateway: https://governance.taskhawktech.com
A2A Agent Card: https://governance.taskhawktech.com/.well-known/agent.json

[knuckles-stack]

@mikeargento Thanks! Kevros was intentionally designed integrating NIST approved post-quantum signatures (FIPS 204 + CNSA 2.0 guidance coded + HMAC-SHA256, etc... Self-contained verification, no external dependencies.

Our architecture is live now across multiple protocols:

Azure Marketplace: https://marketplace.microsoft.com/en-us/product/taskhawk.kevros-ai-governance-gateway?tab=Overview
MCP server: Kevros on Smithery.
A2A agent card: https://governance.taskhawktech.com/.well-known/agent.json
x402: app.taskhawktech.com/fund
Python SDK: pip install kevros

[mikeargento]

Makes sense. What I am focused on specifically is eliminating the alternative unauthenticated creation path entirely, so the artifact’s existence itself proves the governed path was traversed.

Curious whether that layer has come up in your threat modeling.

[knuckles-stack]

@mikeargento Yes,hardware. FPGA/ASIC wafers are spec'd (non-provision utility patent pending x 3 with FFL granted).
Glad to discuss further offline.
governance@taskhawktech.com

• JM

[mikeargento]

Thanks, JM...appreciate the context. I sent a short note with a bit more detail in case it’s useful.