Blog

Governance patterns, security research, and SDK updates for TypeScript AI agent developers.

featured · governance · patterns

Why inline governance beats API wrappers for AI agents

API gateway governance is too late. By the time a request reaches your proxy, the agent has already constructed the payload, resolved credentials, and committed to the action. Inline governance — running inside the same process, before tool execution — is the only model that actually stops bad decisions.

2026-03-09 · 6 min read
featured · security · sdk

64+ prompt injection patterns every AI agent developer should know

We catalogued 64+ prompt injection patterns across 7 categories from production incidents, CTF writeups, and red-team research. Here they are — with detection logic you can drop into governance-sdk today.

2026-03-05 · 8 min read
compliance · governance

EU AI Act: what the August 2 deadline means for TypeScript devs

Article 9 (risk management), 13 (transparency), 14 (human oversight), 15 (accuracy), 17 (quality management), and 61 (post-market monitoring) — these six articles apply to high-risk AI systems. Here's what each requires in code.

2026-02-28 · 10 min
security · sdk · patterns

Building tamper-evident audit trails with HMAC-SHA256 chains

Append-only logs aren't tamper-evident — they can be deleted or rewritten. An HMAC chain is: each event includes the hash of the previous one, so any modification breaks the entire chain. Here's how governance-sdk implements it.

2026-02-21 · 7 min
governance · sdk

The 7-dimension governance scoring model for AI agents

Governance score = f(auth, guardrails, observability, audit, human_oversight, compliance, identity). Each dimension 0–15 points. L0–L4 levels. Here's the full model, why we chose these dimensions, and how to move your agents from L2 to L4.

2026-02-14 · 5 min
enterprise · patterns

Multi-tenant governance: isolating policies across customers

When you ship AI features to 500 customers, each one needs isolated policies, separate audit logs, and scoped analytics. The governance-sdk enterprise module provides namespace isolation with zero cross-tenant contamination.

2026-02-07 · 6 min
governance · patterns · sdk

Designing a reliable AI agent kill switch

A kill switch sounds simple: turn off the agent. But in a distributed fleet, 'turned off' means different things to different agents. Priority 999. SIGKILL semantics. Revive without memory corruption. Here's the design.

2026-01-31 · 4 min
sdk · patterns

Adding governance middleware to every Mastra agent in one line

createGovernanceMiddleware() wraps every tool call in your Mastra agent with policy enforcement, injection detection, and audit logging. Before each call. After each call. Zero code changes to your existing tools.

2026-01-24 · 5 min
Stay current on AI governance

Watch the GitHub releases or follow @lua-ai-global for updates.