AEGIS Governance SDK
Quantitative governance for engineering decisions. AEGIS evaluates proposals through six independent gates — Bayesian confidence, complexity analysis, quality metrics, and utility functions — returning structured PROCEED / PAUSE / ESCALATE / HALT decisions with cryptographic audit trails.
Install
pip install aegis-governanceWhy AEGIS?
"Should we ship this?" is a gut call
Six quantitative gates with Bayesian confidence scoring
No audit trail for engineering decisions
Every evaluation gets a unique decision_id, hash-chained audit log, and cryptographic signatures
Risk thresholds are tribal knowledge
Configurable, frozen parameters with version-controlled YAML schemas
AI agents act without governance
MCP server, GitHub Action, REST API, and CLI for agent-native integration
Quick Start
Get a governance decision in under 10 lines of code. Choose your preferred integration method below.
Installation
pip install aegis-governanceAEGIS has zero runtime dependencies. Optional extras are available for crypto (pip install aegis-governance[crypto]), telemetry, and persistence.
Usage Examples
from aegis_governance import AegisConfig, PCWContext, PCWPhase, pcw_decide
config = AegisConfig.default()
evaluator = config.create_gate_evaluator()
decision = pcw_decide(
PCWContext(
agent_id="my-agent",
session_id="session-1",
phase=PCWPhase.PLAN,
proposal_summary="Add Redis caching layer",
estimated_impact="medium",
risk_proposed=0.15,
complexity_score=0.7,
),
gate_evaluator=evaluator,
)
print(decision.status) # PCWStatus.PROCEED
print(decision.decision_id) # unique audit ID
print(decision.rationale) # human-readable explanationVerify the Result
Every evaluation returns a structured PCWDecision object with the decision status, confidence score, gate results, and a unique audit ID.
{
"status": "proceed",
"decision_id": "d-a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"confidence": 0.97,
"gates_passed": 6,
"gates_failed": 0,
"failing_gates": [],
"rationale": "All 6 gates passed with high confidence.",
"next_steps": ["Execute the proposed change."],
"constraints": [],
"override_eligible": false
}statusOne of: "proceed", "pause", "escalate", "halt"confidenceAggregate posterior confidence across all gates (0-1)decision_idUnique identifier for audit trail lookupsfailing_gatesList of gate names that did not passThe decision_id is your audit key. Every evaluation is logged with its full context, gate results, and timestamp for compliance and debugging.
Core Concepts
Every proposal flows through a six-gate evaluation pipeline. Each gate applies a distinct mathematical method to produce a quantitative pass/fail signal. The aggregate of all six gates determines the final decision: PROCEED, PAUSE, ESCALATE, or HALT.
The Six Gates
Risk
Computes P(delta >= 2 | data) via conjugate Bayesian update to quantify risk confidence.
Profit
Evaluates expected profit contribution using the same Bayesian framework as the risk gate.
Novelty
Applies a logistic curve to novelty scores, rewarding innovation within safe bounds.
Complexity
Ensures proposals don't exceed a complexity ceiling that would impede maintainability.
Quality
Validates quality subscores (testing, docs, review) with a floor and no-zero policy.
Utility
Computes a lower-confidence-bound utility estimate, requiring net-positive expected value.
Decision Outcomes
Confidence Scores
Each gate produces a confidence value between 0 and 1, representing the statistical strength of its evaluation. These per-gate confidence values are aggregated into an overall confidence score returned with every decision.
Confidence is not the probability of success. It is a statistical measure of how much evidence supports the gate's pass/fail determination. A confidence of 0.97 means the gate has strong statistical backing for its result, not that there is a 97% chance the proposal will succeed.
Configuration
AEGIS ships with sensible defaults. Override any parameter via YAML or constructor.
Defaults
from aegis_governance import AegisConfig
# Use built-in defaults
config = AegisConfig.default()
# Inspect values
config.risk_trigger_factor # 2.0
config.trigger_confidence_prob # 0.95
config.complexity_floor # 0.5
config.quality_min_score # 0.7
config.novelty_threshold # 0.8
config.utility_threshold # 0.0YAML Loading
parameters:
risk_gate:
trigger_factor: 2.5
confidence_threshold: 0.90
complexity_gate:
floor: 0.6
quality_gate:
floor: 0.75
novelty_gate:
output_threshold: 0.85config = AegisConfig.from_yaml("aegis.yaml")Parameter Reference
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
risk_trigger_factor | float | Optional | 2.0 | Multiplier for Bayesian risk posterior threshold |
trigger_confidence_prob | float | Optional | 0.95 | Minimum posterior confidence for risk and profit gates |
complexity_floor | float | Optional | 0.5 | Minimum normalized complexity score to pass |
quality_min_score | float | Optional | 0.7 | Minimum quality score (0-1) to pass the gate |
novelty_threshold | float | Optional | 0.8 | Logistic output threshold for novelty gate |
utility_threshold | float | Optional | 0.0 | Lower confidence bound floor for utility gate |
mcp_rate_limit | int | Optional | 60 | MCP server rate limit (requests per minute, 0 to disable) |
All parameters are frozen dataclass fields. Modify only via constructor or YAML — runtime mutation is not supported.
Python SDK
The Python SDK is the primary interface. Import pcw_decide, build a PCWContext, and get a structured PCWDecision back.
pcw_decide()
from aegis_governance import (
AegisConfig,
PCWContext,
PCWPhase,
PCWStatus,
pcw_decide,
)
config = AegisConfig.default()
evaluator = config.create_gate_evaluator()
decision = pcw_decide(
PCWContext(
agent_id="deploy-bot",
session_id="session-42",
phase=PCWPhase.PLAN,
proposal_summary="Add Redis caching layer",
estimated_impact="medium",
risk_proposed=0.15,
complexity_score=0.7,
),
gate_evaluator=evaluator,
)
print(decision.status) # PCWStatus.PROCEED
print(decision.decision_id) # "d-a1b2c3..."
print(decision.rationale) # human-readable explanationPCWContext Fields
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
agent_id | str | Required | — | Unique identifier for the calling agent |
session_id | str | Required | — | Session or conversation identifier |
phase | PCWPhase | Required | — | Workflow phase: PLAN, COMMIT, WORK |
proposal_summary | str | Required | — | Human-readable description of the proposal |
estimated_impact | str | Required | — | Impact level: low, medium, high, critical |
risk_proposed | float | Optional | 0.0 | Risk score (0-1) for the proposal |
complexity_score | float | Optional | 0.5 | Complexity score (0-1) |
quality_score | float | Optional | 0.7 | Aggregate quality score (0-1) |
quality_subscores | list[float] | Optional | [0.7, 0.7, 0.7] | Quality sub-metric scores (testing, docs, review) |
novelty_score | float | Optional | 0.5 | Novelty score (0-1) |
profit_proposed | float | Optional | 0.0 | Expected profit of the proposed change (0-1) |
PCWDecision Response
{
"status": "proceed",
"decision_id": "d-a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"confidence": 0.97,
"gates_passed": 6,
"gates_failed": 0,
"failing_gates": [],
"rationale": "All 6 gates passed with high confidence.",
"next_steps": ["Execute the proposed change."],
"constraints": [],
"timestamp": "2026-03-01T12:00:00+00:00",
"override_eligible": false
}statusOne of: "proceed", "pause", "escalate", "halt"confidenceAggregate posterior confidence (0-1)failing_gatesList of gate names that did not passgates_failedCount of gates that did not passPass shadow_mode=True to pcw_decide() to evaluate without affecting production telemetry. Returns a ShadowResult with drift analysis.
REST API
AEGIS is deployed as a Lambda-backed API Gateway. Three endpoints are available.
POST /evaluate
The primary evaluation endpoint. Submit a proposal with risk, complexity, quality, and novelty inputs to receive a full six-gate governance decision.
curl -X POST https://your-api-gateway.amazonaws.com/dev/evaluate \
-H "Content-Type: application/json" \
-d '{
"proposal_summary": "Add Redis caching layer",
"estimated_impact": "medium",
"risk_proposed": 0.15,
"complexity_score": 0.7,
"quality_subscores": [0.9, 0.8, 0.85]
}'{
"status": "proceed",
"decision_id": "d-a1b2c3d4",
"confidence": 0.97,
"gates_passed": 6,
"gates_failed": 0,
"failing_gates": [],
"rationale": "All 6 gates passed.",
"next_steps": ["Execute the proposed change."],
"constraints": [],
"override_eligible": false
}POST /risk-check
A lighter endpoint for quick risk threshold checks. Compares a risk score against a threshold without running the full gate pipeline.
curl -X POST https://your-api-gateway.amazonaws.com/dev/risk-check \
-H "Content-Type: application/json" \
-d '{"risk_score": 0.4, "threshold": 0.5}'{
"safe": true,
"risk_score": 0.4,
"threshold": 0.5,
"agent_id": "lambda-caller"
}GET /health
Health check endpoint. Returns service status and version.
curl https://your-api-gateway.amazonaws.com/dev/health{
"status": "healthy",
"version": "1.0.0",
"stage": "dev",
"config_loaded": true
}The production API requires AWS IAM Signature V4 authentication. For local development, use the Python SDK or CLI directly.
CLI Reference
The aegis CLI provides governance evaluation directly from your terminal.
aegis evaluate
Evaluate a proposal through all 6 gates. Pass input as a JSON file (--input) or pipe JSON to stdin.
# Evaluate from a JSON file
aegis evaluate --input proposal.json
# Pipe JSON via stdin
echo '{
"proposal_summary": "Add Redis caching layer",
"estimated_impact": "medium",
"risk_proposed": 0.15,
"complexity_score": 0.7
}' | aegis evaluate
# With custom config and shadow mode
aegis evaluate --config aegis.yaml --shadow
# With telemetry and drift detection
aegis evaluate --input proposal.json \
--telemetry-url https://telemetry.example.com \
--drift-baseline baseline.jsonOther Commands
# Check AEGIS version
aegis version
# Health check (verifies dependencies)
aegis health
# Validate a YAML config file
aegis validate-config aegis.yaml
# Dump Prometheus metrics
aegis metricsThe CLI outputs JSON by default. Pipe to jq for pretty-printing: aegis evaluate --input proposal.json | jq .
MCP Server
The MCP (Model Context Protocol) server lets AI agents call AEGIS governance tools directly. Supports stdio and HTTP transports.
Setup
# Install
pip install aegis-governance
# Start stdio server (default)
aegis-mcp-server
# Start HTTP server
aegis-mcp-server --transport http --port 8080Available Tools
The MCP server exposes four tools that AI agents can invoke via the standard tool-calling protocol.
aegis_evaluate_proposal
Full governance evaluation through all 6 gates. Accepts proposal summary, impact, risk, complexity, quality subscores, and novelty score.
aegis_quick_risk_check
Quick risk threshold check. Accepts risk_score and optional threshold.
aegis_check_thresholds
Introspect all 6 gate thresholds and current configuration. Call before submitting proposals to understand gate behavior.
aegis_get_scoring_guide
Get parameter derivation guidance for a specific domain. Returns formulas, examples, and range guides.
Agent Configuration
{
"mcpServers": {
"aegis": {
"command": "aegis-mcp-server",
"args": []
}
}
}Rate limiting defaults to 60 requests per minute. Adjust via mcp_rate_limit in your AegisConfig.
GitHub Action
Add AEGIS as a governance gate in your CI/CD pipeline with the reusable composite action.
Workflow Example
name: Governance Gate
on: [pull_request]
jobs:
aegis-gate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: undercurrent-holdings/aegis-governance/.github/actions/aegis-gate@main
with:
proposal: ${{ github.event.pull_request.title }}
impact: medium
risk_score: "0.2"Inputs & Outputs
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
proposal | string | Required | — | Proposal summary (usually the PR title) |
impact | string | Required | — | Impact level: low, medium, high, critical |
risk_score | string | Optional | 0.0 | Risk score as string (0–1) |
complexity | string | Optional | 0.0 | Complexity score as string (0–1) |
config_path | string | Optional | — | Path to custom aegis.yaml config file |
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
status | string | Optional | — | Decision status: proceed, pause, escalate, halt |
decision_id | string | Optional | — | Unique audit identifier for the evaluation |
confidence | string | Optional | — | Aggregate confidence score |
The action will fail the workflow step if the decision is HALT or ESCALATE. PAUSE decisions pass with a warning annotation.
Resources & Full Docs
This portal covers the essentials. For deep-dive reference documentation, deployment guides, compliance frameworks, and architecture decisions, visit the full documentation site.
Complete reference docs — API reference, deployment guides, architecture, compliance.
Detailed pcw_decide() reference, PCWContext fields, AegisConfig options, shadow mode.
Endpoint schemas, authentication, request/response examples, error codes.
MCP server setup, tool schemas, transport options, rate limiting.
Source code, issues, and contribution guidelines.
Install via pip. Published releases and version history.
Release notes, breaking changes, and migration guides.
Docker, Kubernetes, AWS Lambda/ECS deployment, observability, HSM.