Enterprise AI Platform Relevance

This project is designed as a vendor-neutral governance pattern for workplace AI agents. It is not tied to a single model provider or agent framework. The same control-plane pattern applies across diverse enterprise ecosystems:

| Platform | How this control plane applies |
| --- | --- |
| Microsoft Foundry / Azure AI | Adds policy, approval, audit, and evaluation controls around enterprise agent workflows. |
| OpenAI Agents | Governs tool use, handoffs, SQL actions, document actions, and approval-required tasks. |
| Amazon Bedrock Agents | Adds an enterprise control layer for agent actions, knowledge-base access, and workflow execution. |
| Databricks AI/BI Genie | Supports governed natural-language analytics through approved definitions, query boundaries, and review paths. |
| Local LLM / MCP Tooling | Enables local-first workflow automation with controlled tool access and audit logging. |

Workplace Production Relevance

"How do we let AI agents help with real business work while preserving human oversight, policy compliance, auditability, and operational control?"

This pattern addresses high-value corporate-function workflows such as finance operations, contract intake, document review, procurement support, HR knowledge retrieval, project status follow-up, executive reporting, internal knowledge automation, analytics request routing, and data operations.

Enterprise Controls Demonstrated

| Control | What it does | Workplace relevance |
| --- | --- | --- |
| Policy engine | Classifies actions as allowed, denied, or requiring approval. | Prevents unmanaged agent behavior. |
| Human approval workflow | Pauses sensitive actions until a person approves or denies them. | Keeps humans in control of high-risk work. |
| Skill registry | Defines approved agent capabilities. | Prevents agents from using undefined or unapproved tools. |
| Skill contracts | Documents purpose, inputs, outputs, and constraints. | Makes agent behavior explicit and testable. |
| Output validation | Blocks writes outside approved paths. | Reduces risk of uncontrolled system changes. |
| Secret detection | Checks for credential-like patterns. | Reduces exposure of sensitive information. |
| Append-only audit log | Records execution, outputs, status, and timestamps. | Creates traceability for governance and review. |
| Test suite | Validates policy, registry, runtime, and simulator behavior. | Supports release discipline before broader use. |

Architecture & System Topography

The architecture separates agent intent from governed execution. Runtimes request work, but actions flow through the same registry, policy, approval, and audit path before execution is considered valid.

System Topology & Flowchart
[Diagram. Business workflows: Finance / Reporting, HR / Support, Legal / Review, Operations / Projects, Knowledge Work. Enterprise AI platforms: Azure AI Foundry, OpenAI Agents, Bedrock Agents, AI/BI Genie, Local LLM / MCP. Governed Agent Control Plane: Skill Registry, Policy Engine, Approved Skills / Tools, Human Approval Queue, Denied Action Logged, Approved Data / APIs, Append-only Audit Log, Evaluation & Monitoring.]

Current Local Runtime

The developer-focused execution engine intercepts tasks locally, enforcing boundaries on standard command-line agents (Claude Code, Codex) via simple YAML mappings and exit gates.

Developer Handoff Pipeline
[Diagram nodes: Claude Code, OpenAI Codex, CLAUDE.md (Config), AGENTS.md (Config), run_skill.py (CLI), registry.py, policy.py, skills/ (Approved), approvals.jsonl, exit 1 (Blocked)]

Getting Started

Three commands compile, configure, and initialize the governed environment locally:

git clone https://github.com/nicholashidalgo/agentic-os-control-plane
cd agentic-os-control-plane
chmod +x install.sh && ./install.sh

install.sh creates the required memory vault structure, registers local dependencies, copies standard configurations, and sets up developer rules.

Interactive Control Plane (Live Simulation)

The live simulation shows how the control plane intercepts developer commands, pauses for operator review, and appends cryptographic logs in real time.


List pending reviews or manually action approvals at any time using the approvals routing CLI:

python control_plane/run_skill.py --approvals list --status pending

Skill System Contract

Every tool executed by an agent is structured as an isolated, declared Skill consisting of an API contract (SKILL.md) and an entry module (run.py) implementing a deterministic input-output loop.

morning_brief

Summarizes daily vault entries into a cohesive briefing document.

vault_cleanup

Promotes raw notes to clean reference entries based on structure rules.

research_digest

Converts raw inputs into categorized research wikis.

continuation_brief

Creates seamless handoff states for consecutive agent shifts.

policy_simulator

Evaluates batch agent actions against active rules without executing.

Policy Layer Boundaries

The policy engine enforces explicit gates on system processes. Actions are strictly classified based on structural risk categories:

| Proposed Action Type | Policy Decision |
| --- | --- |
| FILE_READ | ALLOW (Read actions permitted within user space) |
| FILE_WRITE → vault/ or data/ | ALLOW (Standard workspace updates) |
| FILE_WRITE → Core modules / rules | DENY (Prevent rule tampering) |
| FILE_DELETE, SHELL_EXEC, API_WRITE | REQUIRE APPROVAL (High-risk operations gated) |
| GIT_COMMIT, GIT_PUSH, EMAIL_SEND | REQUIRE APPROVAL (External exposures gated) |
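
The table above, written out as a classifier. This is an added example, not the project's own policy.py; the names `classify`, `workspace_relative` and `Decision` are hypothetical. It assumes the gate fails closed: unknown action types, and writes anywhere outside vault/ or data/, are denied.

```python
import posixpath
from enum import Enum

class Decision(Enum):
    ALLOW = "ALLOW"
    DENY = "DENY"
    REQUIRE_APPROVAL = "REQUIRE APPROVAL"

WRITABLE_ROOTS = {"vault", "data"}  # from the table above
APPROVAL_ACTIONS = {"FILE_DELETE", "SHELL_EXEC", "API_WRITE",
                    "GIT_COMMIT", "GIT_PUSH", "EMAIL_SEND"}

def workspace_relative(path):
    """Lexically normalise a workspace-relative path.

    Returns None for absolute paths and for paths that climb out of the
    workspace. Symlinks are not resolved here; a real gate would also
    compare os.path.realpath() of the target at write time.
    """
    if not path:
        return None
    p = path.replace("\\", "/")
    if p.startswith("/"):
        return None
    norm = posixpath.normpath(p)
    if norm == ".." or norm.startswith("../"):
        return None
    return norm

def classify(action_type, target=None):
    """Map a proposed action to a Decision, failing closed."""
    if action_type == "FILE_READ":
        return Decision.ALLOW
    if action_type == "FILE_WRITE":
        rel = workspace_relative(target)
        parts = rel.split("/") if rel else []
        # Only files strictly inside vault/ or data/ are writable; core
        # modules, rules and (assumption) every other path are denied.
        if len(parts) > 1 and parts[0] in WRITABLE_ROOTS:
            return Decision.ALLOW
        return Decision.DENY
    if action_type in APPROVAL_ACTIONS:
        return Decision.REQUIRE_APPROVAL
    return Decision.DENY  # assumption: unknown action types are denied
```

The decision is made on the normalised path, so a write to `vault/../control_plane/policy.py` is evaluated as a write to a core module and denied.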

Audit Infrastructure

Every tool execution and human decision triggers an immediate, append-only write block. Audit records store input hashes rather than raw inputs and are scrubbed for credential-like patterns, preserving a low-exposure profile.

{
  "run_id": "RUN-20260520-123456",
  "skill": "research_digest",
  "inputs_hash": "a8f5b2c9d1e4",
  "outputs": ["vault/wiki/digest_research_2026_05_20.md"],
  "status": "success",
  "timestamp": "2026-05-20T16:28:00.764Z"
}
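
A sketch of how a record like the one above can be produced, added here as an example and not taken from the project's audit_log.py. The function names, the credential patterns, and the choice of SHA-256 truncated to 12 hex characters (to match the sample's length) are assumptions.

```python
import hashlib
import json
import re
from datetime import datetime, timezone

# Assumed credential-like patterns; the project's own rules are not shown.
SECRET_PATTERNS = [
    re.compile(r"AKIA[0-9A-Z]{16}"),
    re.compile(r"(?i)(api[_-]?key|token|password|secret)\s*[=:]\s*\S+"),
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
]

def scrub(text):
    """Replace credential-like substrings before anything is logged."""
    for pattern in SECRET_PATTERNS:
        text = pattern.sub("[REDACTED]", text)
    return text

def inputs_hash(inputs):
    """Hash a canonical JSON form so key order does not change the digest."""
    canonical = json.dumps(inputs, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()[:12]

def build_record(run_id, skill, inputs, outputs, status, now=None):
    """Build an audit record that carries a digest of the inputs, never the inputs."""
    now = now or datetime.now(timezone.utc)
    stamp = now.isoformat(timespec="milliseconds").replace("+00:00", "Z")
    return {
        "run_id": run_id,
        "skill": skill,
        "inputs_hash": inputs_hash(inputs),
        "outputs": [scrub(o) for o in outputs],
        "status": status,
        "timestamp": stamp,
    }

def append_record(path, record):
    """Write one JSON line; mode "a" appends and never truncates the file."""
    with open(path, "a", encoding="utf-8") as fh:
        fh.write(json.dumps(record, sort_keys=True) + "\n")
```

Append mode only stops this code from overwriting earlier lines; keeping other processes from editing the file depends on file permissions or storage controls outside the script.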

Milestone Roadmap

| Version | Status | Project Scope |
| --- | --- | --- |
| v0.1 | COMPLETED | 5 core skills, policy rules, sandbox simulator, comprehensive testing blocks. |
| v0.2 | IN PROGRESS | Structured human reviews, `--approvals` interactive CLI, state cycles, automatic resumes. |
| v0.3 | Planned | Local web console dashboard rendering runs, history streams, and visual policy trends. |
| v0.4 | Planned | External MCP integration channels, extending policies to micro-APIs. |

Workspace Structure & Topology

The local directory layout below shows the modular structure and where the technical policies live:

  • agentic-os-control-plane/
    • CLAUDE.md: Operating rules for Claude Code
    • AGENTS.md: Operating rules for OpenAI Codex
    • pyproject.toml: Python project dependencies & configuration
    • control_plane/
      • policy.py: Core action gate (ALLOW / APPROVE / DENY)
      • registry.py: Skill indexing catalogue
      • audit_log.py: Append-only log execution engine
      • run_skill.py: Governed CLI controller entrypoint
    • skills/
    • vault/
    • data/