The definitive, execution-agnostic governance framework for the Agentic Economy.
A dual-layer protocol for Capabilities (UTCD) and Behavior (ABC/Contracts).
The AI Agent Contract Stack provides a standardized way for AI systems to interact safely. It separates the description of tools from the governance of agents.
"What is this tool and what are its risks?" UTCD provides a declarative "Nutrition Label" for tools. It allows agents to reason about side-effects, privacy, and costs before execution.
Stored in:
examples/*.utcd.yaml
"How is this agent permitted to behave?" Agent Behavior Contracts (ABC) define the enforceable boundaries—MISSION, RISK, and GOVERNANCE—that an agent must respect during its lifecycle.
Stored in: contracts/ directory
Ensure your tool's "Nutrition Label" follows the standard schema:
python -m utcd.validator examples/csv-analyzer.utcd.yamlValidate an agent's behavioral contract and verify tool risk inheritance:
python -m utcd.contract_validator contracts/examples/research-agent.contract.yamlSecure your tool descriptors to prevent "Shadow Capability" tampering:
python demos/sign_descriptor.py examples/csv-analyzer.utcd.yamlThe utcd package includes a built-in reasoning engine that selects tools based on your governance policy.
from utcd import UTCDAgent, Policy
# 1. Initialize with a governance policy (e.g., GDPR compliant)
agent = UTCDAgent(policy=Policy.gdpr())
# 2. Discover tools
agent.load_tools_from_directory("./examples")
# 3. Find the safest tool for the mission
results = agent.find_tools(domain="data-processing")
best_tool = results[0]
print(f"Selected: {best_tool.tool_name} (Score: {best_tool.score}/100)")| Directory | Purpose |
|---|---|
| utcd/ | The core Python package (Loader, Validator, Signer, RiskEngine). |
| contracts/ | Agent Behavior Contracts (ABC) specifications and examples. |
| schema/ | Formal JSON Schema definitions for core and profiles. |
| examples/ | Sample UTCD tool descriptors. |
| demos/ | Ready-to-run scenarios (Selection, Rejection, Degradation). |
| Policy | Scope | Enforcement |
|---|---|---|
Policy.strict() |
Safety | Rejects any tool with side-effects or data retention. |
Policy.standard() |
Balanced | Standard safety defaults with performance weighting. |
Policy.gdpr() |
Compliance | Enforces EU data residency and encryption standards. |
Policy.permissive() |
Audit | Provides warnings without blocking execution. |
- Pre-execution only — We describe, never execute.
- Static & Declarative — Machine-readable YAML, no runtime dependencies.
- Offline-Valid — Guaranteed safety without network calls.
- Immutable Trust — Canonical hashing prevents tampering after signing.
- Agent-Centric — Designed to be ingested by LLMs for autonomous reasoning.
- WHITEPAPER.md — The philosophical and technical foundation.
- contracts/contract-spec.md — Formal ABC specification.
- FUTURE_ROADMAP.md — Our plan for an Agentic Governance ecosystem.
Developed by Rajan | Released under MIT License