A small, open spec for writing down what an AI agent is allowed to do — and what its worst-case action is — before you ship it.
AgentAz is design-time only. It doesn't run anything or wrap your code; it's a vocabulary for documenting an agent's authority, failure modes, and escalation path in a file you can review, diff, and hand to a security or compliance team. Your runtime still does the enforcing — AgentAz just makes the intent reviewable.
This repo holds the spec and a reference registry: 62 agent blueprints (13 flagship), each
tagged with a Trust Level, a written-out worst-case action, and a machine-readable agentaz.json
that validates against the v1.0.0 schema.
The browsable version — search, the risk-assessment tool, downloads — lives at https://www.agent-kits.com. This repo is the raw source.
SPEC.md The AgentAz v1.0 spec
RATIONALE.md Origin & design rationale (the 'why')
CROSSWALK.md Mapping to NIST AI RMF, ISO 42001, OWASP Agentic
rfcs/ Public, dated change process (RFCs)
reference/ Reference validator — compute a tier from a spec
schema/agentaz-v1.0.schema.json JSON Schema (draft-07) the contracts validate against
kits/<slug>/agentaz.json The governance contract for one agent
kits/<slug>/kit.json Full blueprint: prompt, tools, workflow, examples, failure modes
kits/<slug>/run.py Runnable demo: native tool-use loop + enforced approval gate
kits/<slug>/evals/run.py Deterministic safety check for the gate (no API key needed)
kits/<slug>/requirements.txt Python dependencies for the demo
kits/<slug>/README.md Plain-English summary + attribution
flagships.json The 13 reference kits
LICENSE (Apache-2.0) Code & schema
docs/CONTENT-LICENSE.md (CC-BY-4.0) Spec text & blueprint content
- Validate any
agentaz.jsonagainstschema/agentaz-v1.0.schema.json(JSON Schema draft-07). - Enforce it in CI — add the
agentaz-validateGitHub Action to any repo; it computes the Trust Level on every push/PR and can fail the check when an agent is riskier than your policy allows. - Score any agent's governance — paste a system prompt or an
agentaz.jsoninto the free, deterministic AgentAz Compliance Scanner; it returns pass/fail gates mapped to Microsoft’s published governance guidance, plus a fix-list. - Run any blueprint live — each kit page has a browser playground that executes the real loop with your own API key, with the same approval gate as
run.py. - Use the vocabulary in your own agents — it's open, and using it doesn't imply we've reviewed or endorsed your agent.
- Browse the rendered blueprints at https://www.agent-kits.com.
AgentAz v1.0.0 is frozen — no breaking changes within 1.x, and the schema $id URL
(https://www.agent-kits.com/agentaz/agentaz-v1.0.schema.json) is permanent. It's early: expect the spec to grow at the edges (more examples,
clearer guidance) without breaking what's here. Issues and PRs welcome — see CONTRIBUTING.md.
Code and schema are Apache-2.0 (LICENSE). Spec text and blueprint content are CC-BY-4.0
(docs/CONTENT-LICENSE.md). “AgentAz” and “AgentKits” are trademarks of AgentKits — the open
licenses cover the work, not the names.
It's generated from the main AgentKits source and published one-way, so don't hand-edit files
here — changes happen upstream and the repo is regenerated. File issues/PRs per CONTRIBUTING.md.