Product Verify SCITT AGT GitHub Pricing Get Started

Microsoft AGT → EPI

Native import of Microsoft Agent Governance Toolkit audit evidence into signed, portable, offline-verifiable .epi artifacts. Field-level mapping documented. End-to-end reproduction from a fresh clone.

Pipeline

AGT audit evidence flows through four stages to become a verifiable EPI artifact. No manual assembly required.

🛡
AGT
AuditService
📤
Native
Export
📦
epi import agt
Auto-detect
📁
Signed
.epi File
epi verify
Offline

Two ways to try it

Quick Path

No AGT installation. Uses pre-generated evidence.

$ git clone https://github.com/mohdibrahimaiml/epi-recorder
$ cd epi-recorder
$ pip install -e .

$ epi import agt examples/agt/native-export/sample_export.json \
--out case.epi
[OK] AGT import complete

$ epi verify case.epi
Integrity: Verified
Signature: Valid

Good for documentation, screenshots, conference talks.

Full Validation Path

Installs AGT SDK and generates live evidence.

$ git clone https://github.com/microsoft/
agent-governance-toolkit
$ cd agent-governance-python/
agent-governance-toolkit-core
$ pip install .

$ cd epi-recorder
$ python examples/agt/native-export/
generate_evidence.py
Evidence written to agt_export.json

$ epi import agt agt_export.json \
--out case.epi
$ epi verify case.epi
Integrity: Verified
Signature: Valid

Good for auditors, maintainers, engineers validating the pipeline.

Interoperability bugs found and fixed

These four issues were discovered by feeding real AGT SDK output into the EPI adapter. All were adapter mapping problems, not format incompatibilities.

#AGT OutputEPI Before FixEPI After Fix
1event_type: "agent_action"agt.unknown.agent_actiontool.call
2event_type: "policy_decision"agt.unknown.policy_decisionpolicy.check
3policy_decision: nullPydantic validation crashstr | None = None
4data.policy_name: "EUAI-ART9-RISK"matched_rule: ""matched_rule extracted

AGT → EPI field mapping

Every AGT field is either translated to an EPI equivalent or preserved verbatim. The mapping report inside each .epi artifact documents every transformation.

AGT FieldEPI FieldMappingNotes
event_typekindtranslated doneagent_action → tool.call, policy_decision → policy.check
agent_didgovernance.agent_didexact donePreserved verbatim
actiongovernance.actiontranslated doneAGT → EPI action vocabulary
outcomegovernance.outcometranslated donesuccess → completed, denied → blocked
entry_idcontent.agt_entry_idexact doneReference back to original AGT entry
entry_hashcontent.agt_entry_hashpreserved doneHash chain integrity preserved
data.policy_namematched_rule, governance.policy_namederived doneExtracted from AGT data payload
data.*content.agt_data.*preserved doneAll AGT data fields preserved verbatim
merkle_rootartifacts/agt/preserved doneRaw export preserved, Merkle chain in metadata
timestamptimestampexact doneISO-8601 preserved
resourcecontent.resourceexact doneResource identifier preserved
unknown fieldscontent.agt_unknown_fieldspreserved futureForward-compatible with new AGT fields

Inside the artifact

A loan underwriting scenario with 4 AGT events, imported and verified.

# steps.jsonl — 4 EPI-native steps [0] kind=tool.call action=assess_credit_risk # agent_action → tool.call [1] kind=policy.check action=assess_credit_risk rule=LENDING-V2-ART3 [2] kind=tool.call action=generate_decision_letter # agent_action → tool.call [3] kind=policy.check action=approve_above_threshold rule=EUAI-ART9-RISK (DENIED) # artifacts/agt/ — 8 raw AGT files preserved bundle.json (full AGT export) audit_logs.json flight_recorder.json compliance_report.json policy_document.json runtime_context.json slo_data.json mapping_report.json (every field mapped)

Test suite

130 tests across the AGT adapter, container layer, envelope format, serialization, CLI, framework adapters, guardrails, and integration end-to-end tests — all passing with zero regressions from the adapter fixes.

130 passed in 62.00s agt_adapter .......... 31/31 container ........... 27/27 envelope ........... 10/10 serialize ........... 17/17 integration ........ 30/30 unit ............... 15/15

What this integration is and isn't

ESTABLISHED

  • AGT AuditService exports importable
  • Field-level mapping documented
  • Governance semantics preserved
  • Integrity + signature verified
  • Reproduceable from fresh clone
  • 130/130 tests pass

NOT ESTABLISHED

  • AGT natively exports .epi
  • Adapter lives in Microsoft's repo
  • Microsoft adopted EPI as standard
  • Independent third-party reproduced
  • Deprecation warning suppressed

Try the integration yourself.

View generate_evidence.py examples/agt/ on GitHub Microsoft AGT on GitHub