Sovereign AgentOps – Self-hosted constitutional AI governance for MCP agents
Sovereign AgentOps Community Edition is an open-source, self-hosted MCP governance server for AI agents, offering Ed25519-signed audit trails, policy enforcement, and offline deployment. It provides 7 demo tools and aligns with EU AI Act requirements, with a commercial Enterprise edition featuring 91 tools and advanced compliance.
Notifications You must be signed in to change notification settings
Fork 0
Star 0
BranchesTags
Open more actions menu
Folders and files
NameName
Last commit message
Last commit date
Latest commit
History
27 Commits
27 Commits
.github/workflows
.github/workflows
cli
cli
docs
docs
examples
examples
tests
tests
tools
tools
.dockerignore
.dockerignore
.gitignore
.gitignore
CHANGELOG.md
CHANGELOG.md
CONTRIBUTING.md
CONTRIBUTING.md
Dockerfile
Dockerfile
LICENSE.community
LICENSE.community
Makefile
Makefile
README.md
README.md
SECURITY.md
SECURITY.md
docker-compose.yml
docker-compose.yml
mkdocs.yml
mkdocs.yml
pyproject.toml
pyproject.toml
Repository files navigation
Runtime-agnostic governed agent execution — demo and evaluation edition
Quick Install
PyPI (standalone CLI + MCP server)
pip install sovereign-agentops-community
Docker
docker pull geludobre/sovereign-agentops-community
From source
git clone https://github.com/geludobre/sovereign-agentops.git cd community && pip install -e .
Full documentation
→ https://geludobre.github.io/sovereign-agentops/
What is this?
A self-hosted MCP governance server for AI agents — the Community Edition demonstrates constitutional governance, Ed25519-signed audit trail, and EU AI Act-aligned compliance tooling. It provides 7 MCP tools that showcase policy enforcement, Ed25519-signed execution receipts, workspace path jailing, and local model routing — with real cryptography, not simulations. Deploy fully offline, air-gapped, or behind your own firewall with zero external dependencies.
The full Enterprise platform (91 MCP tools, 486 endpoints, 88 web UI tabs, constitutional governance, service catalogue, compliance automation, fleet command, agent-owned assets, digital twin simulation, and autonomous incident resolution) is available under a commercial license.
Quickstart
1. Install dependencies
pip install cryptography>=41.0.0
2. Run the MCP governance server (JSON-RPC over stdio)
python3 tools/mcp_server.py
In another terminal, send it commands:
List available tools
echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' | python3 tools/mcp_server.py
Check if a command is allowed by policy
echo '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"demo_policy_check","arguments":{"command":"git push origin main","path":"/workspace/repo"}}}' | python3 tools/mcp_server.py
Sign an execution receipt with real Ed25519
echo '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"demo_receipt_sign","arguments":{"action":"deploy","target":"web-app"}}}' | python3 tools/mcp_server.py
Docker
docker compose up --build
The server runs in stdio mode inside the container. Send commands via stdin:
echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' \ | docker exec -i agentops-demo python3 tools/mcp_server.py
Tools
Tool Description
demo_policy_check Evaluate whether a command + path is allowed/blocked by policy
demo_receipt_sign Create an Ed25519-signed execution receipt
demo_receipt_verify Verify a receipt's Ed25519 signature
demo_model_route Show which local LLM endpoint would handle a prompt
demo_workspace_jail Check whether a path is confined within a workspace root
demo_audit_log Return recent entries from the in-memory signed audit log
demo_server_info Server metadata: version, public key, crypto backend
Receipt Verification
Every signed receipt includes the server's Ed25519 public key. Use the included CLI tool to verify:
The server prints its public key on startup (stderr) and in every signed receipt
python3 cli/receipt-verify.py --verify path/to/receipt.json
The server generates a fresh Ed25519 keypair on first run, stored at ~/.config/agentops/ed25519_private.key (permissions 0o400).
Why Autonomous Digital Organization Platform?
Teams adopting AI coding agents in regulated environments need to control what commands agents can run, audit every action with cryptographic proof, and operate entirely offline. This community edition demonstrates the concept with real crypto and real policy enforcement — the Enterprise platform delivers the full production stack.
Feature Comparison
Feature Community Enterprise
Policy enforcement (allow/block/detect) 7 demo tools Full production stack
Ed25519-signed execution receipts Yes Yes
Receipt verification CLI Yes Yes
Workspace path jail Demo Full enforcement
Model routing heuristic Demo 15+ provider routing
Signed audit log In-memory SQLite hash-chain
MCP tools 7 demo tools 91 tools (91 static + 0 plugins)
Constitutional governance No 6-layer (Cortex, Policy, Autonomy, Memory, Federation)
Web UI No 91+ tabs (Flask + SocketIO)
PostgreSQL / Redis persistence No Yes
Agent orchestration No Capability registry, message bus, DAG
Service catalogue No Auto-discovery, health, SLA
Observability hub No LLM tracing, SLOs, cost analytics
Compliance automation (SOC2/HIPAA/PCI) No Weighted scoring, PDF reports, SoD
Fleet command No Multi-instance, heartbeat, treaty-gated
Agent-owned assets No Token/data/compute/artifact/credential
Digital twin simulator No What-if analysis, scenario sim
Autonomous incident resolution No ML diagnosis, auto-resolve, pattern learning
Self-negotiating treaties No 6 treaty types, dual-signed
SSO (SAML/OIDC) No Yes
RBAC custom roles No Yes
High-availability cluster No Yes
Commercial license Apache 2.0 Enterprise EULA
Documentation
Architecture Overview — governance layer design
Security Model — defense-in-depth architecture
Contributing Guide — how to contribute
Changelog — release history
License
Community Edition is open source under Apache 2.0 with an Enterprise Edition exclusion clause. See LICENSE.community for details.
Enterprise Edition features require a commercial license from FinBridge.
Built on the MCP protocol. Governance, not lock-in.
Get Involved
🐛 Report bugs — GitHub Issues
📖 Read the docs — geludobre.github.io/sovereign-agentops/
💬 Enterprise inquiries — Enterprise Edition
📦 PyPI — pip install sovereign-agentops-community
🐳 Docker Hub — docker pull geludobre/sovereign-agentops-community
About
Sovereign AgentOps — Community Edition: Runtime-agnostic governed agent execution with real Ed25519 crypto
Resources
Readme
License
View license
Contributing
Contributing
Security policy
Security policy
Uh oh!
There was an error while loading. Please reload this page.
Activity
Stars
0 stars
Watchers
0 watching
Forks
0 forks
Report repository
Releases 1
v2.0.0
Latest
Jul 9, 2026
Packages 0
Uh oh!
There was an error while loading. Please reload this page.
Contributors
Uh oh!
There was an error while loading. Please reload this page.
Languages
Python 93.0%
Dockerfile 3.5%
Makefile 3.5%