AegisFlow代理治理系统
AI Skill Hub 推荐使用:AegisFlow代理治理系统 是一款优质的MCP工具。AI 综合评分 7.8 分,在同类工具中表现稳健。如果你正在寻找可靠的MCP工具解决方案,这是一个值得深入了解的选择。
📚 深度解析
通过安装 AegisFlow代理治理系统,你的 AI 助手将获得额外的工具调用能力,可以用自然语言直接操控该工具的功能,无需学习复杂的命令行语法。MCP 工具的核心价值在于"一次配置,永久增强"——配置完成后,每次与 AI 对话时都可以无缝调用这些工具。
在技术实现上,MCP 工具通过标准的 JSON-RPC 协议与 AI 客户端通信,工具的功能以"工具列表"的形式暴露给 AI 模型,AI 可以按需调用。AegisFlow代理治理系统 提供了结构化的工具调用接口,使 AI 模型能够精确地理解和使用每个功能点,显著降低 AI 在工具使用上的错误率。
与传统的 API 集成相比,MCP 工具的优势在于无需编写代码——用户只需在配置文件中添加几行 JSON,即可让 AI 获得全新能力。AI Skill Hub 将 AegisFlow代理治理系统 评为 AI 评分 7.8 分,属于同类工具中的优质选择。
📋 工具概览
AegisFlow代理治理系统 是一款遵循 MCP(Model Context Protocol)标准协议的 AI 工具扩展。通过 MCP 协议,它可以让 Claude、Cursor 等主流 AI 客户端直接访问和操作外部工具、数据源和服务,实现 AI 能力的无缝扩展。无论是文件操作、数据库查询还是 API 调用,都可以通过自然语言在 AI 对话中直接触发,极大提升生产效率。
📖 中文文档
AegisFlow代理治理系统 是一款遵循 MCP(Model Context Protocol)标准协议的 AI 工具扩展。通过 MCP 协议,它可以让 Claude、Cursor 等主流 AI 客户端直接访问和操作外部工具、数据源和服务,实现 AI 能力的无缝扩展。无论是文件操作、数据库查询还是 API 调用,都可以通过自然语言在 AI 对话中直接触发,极大提升生产效率。
- 通过标准 MCP 协议与 Claude、Cursor 等主流 AI 客户端深度集成
- 提供结构化工具调用接口,显著降低 AI 集成复杂度
- 支持 Claude Desktop 和 Claude Code 无缝接入,开箱即用
- 可与其他 MCP 工具组合叠加,构建完整 AI 工作站
- 轻量无侵入设计,不影响现有系统架构
- 在 Claude Desktop 对话中直接调用本地工具,实现 AI 与系统的深度联动
- 通过自然语言驱动复杂的多步骤自动化任务,代替繁琐手动操作
- 将多个 MCP 工具组合使用,构建个人专属 AI 工作站
# 方式一:通过 Claude Code CLI 一键安装
claude skill install https://github.com/saivedant169/AegisFlow
# 方式二:手动配置 claude_desktop_config.json
{
"mcpServers": {
"aegisflow------": {
"command": "npx",
"args": ["-y", "aegisflow"]
}
}
}
# 配置文件位置
# macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
# Windows: %APPDATA%/Claude/claude_desktop_config.json
- 确认已安装 Node.js(v18 或以上版本)
- 打开 Claude Desktop 或 Claude Code 的 MCP 配置文件
- 按「交给 Agent 安装 → Claude Desktop」标签中的 JSON 配置填入 mcpServers 字段
- 保存配置文件并重启 Claude 客户端
- 重启后,在对话中即可使用本工具
# 安装后在 Claude 对话中直接使用 # 示例: 用户: 请帮我用 AegisFlow代理治理系统 执行以下任务... Claude: [自动调用 AegisFlow代理治理系统 MCP 工具处理请求] # 查看可用工具列表 # 在 Claude 中输入:"列出所有可用的 MCP 工具"
// claude_desktop_config.json 配置示例
{
"mcpServers": {
"aegisflow______": {
"command": "npx",
"args": ["-y", "aegisflow"],
"env": {
// "API_KEY": "your-api-key-here"
}
}
}
}
// 保存后重启 Claude Desktop 生效
简介
<p align="center"> <h1 align="center">AegisFlow</h1> <p align="center"> <strong>Local-first runtime governance for coding agents and tool-using agents</strong> </p> <p align="center"> Let agents read, test, edit, and open PRs safely. Block destructive actions,<br/> review risky writes, mint short-lived credentials, and verify tamper-evident evidence. </p> <p align="center"> <a href="#start-here-governed-pr-writer">Start Here</a> | <a href="#what-aegisflow-controls">What It Controls</a> | <a href="#how-it-works">How It Works</a> | <a href="#design-principles">Design Principles</a> | <a href="#legacy--supporting-capabilities">Gateway Mode</a> | <a href="#contributing">Contributing</a> </p> </p>
---
Start here: See the governed PR-writer walkthrough with blocked shell actions, reviewed GitHub writes, scoped credentials, and verifiable evidence. → docs/PR_WRITER.md
Legacy / Supporting Capabilities
The sections below cover gateway mode — AegisFlow's earlier identity as an OpenAI-compatible AI gateway with policy, observability, and mock provider. Gateway mode is still fully supported and is what powers the governance plane internally, but the primary product story is governed agent execution above. If you arrived here looking for an AI gateway, this is the right place.
Features
Install without building from source
Grab a prebuilt binary (no Go toolchain needed):
curl -fsSL https://raw.githubusercontent.com/saivedant169/AegisFlow/main/scripts/install.sh | shOr run the published container:
docker run --rm -p 8080:8080 -p 8081:8081 \
-v "$PWD/configs/aegisflow.yaml:/app/configs/aegisflow.yaml" \
saivedant169/aegisflow:v0.8.0Building from source still works (make build, Go 1.26.4+) if you prefer.
---
Option 1: Docker Compose
git clone https://github.com/saivedant169/AegisFlow.git
cd AegisFlow
docker compose -f deployments/docker-compose.yaml upPutting nginx or Caddy in front for TLS, SSE buffering, and admin-port isolation: see docs/deploy/reverse-proxy.md. Hit a snag? docs/troubleshooting.md covers port conflicts, Docker daemon issues, GitHub App config, invalid policy files, and evidence-verify failures.
Install Go 1.26.4+
brew install go
Clone and build
git clone https://github.com/saivedant169/AegisFlow.git cd AegisFlow make build
Cost-free examples
The examples directory includes local-only configs and requests:
examples/configs/single-tenant.yamlexamples/configs/multi-tenant.yamlexamples/configs/policy-blocking.yamlexamples/requests/openai-compatible-curl.sh
Run an example config:
make build
./bin/aegisflow --config examples/configs/single-tenant.yaml
./examples/requests/openai-compatible-curl.shOne-click gateway demo
git clone https://github.com/saivedant169/AegisFlow.git
cd AegisFlow
make demo-localRun the governance demo
```bash
In another terminal, run the interactive demo
./scripts/demo.sh
The demo walks through the full agent governance flow: allowed reads, blocked
destructive operations, human-in-the-loop approval for writes, and evidence
chain verification. See [`configs/demo.yaml`](configs/demo.yaml) for the
policy configuration and [`scripts/demo.sh`](scripts/demo.sh) for the script.
To run with Docker instead:
Run the interactive demo
./scripts/realworld_demo.sh ```
The demo sends MCP tool calls through AegisFlow and demonstrates: - Allowed reads: github.list_repos, github.list_pull_requests pass through - Review required: github.create_pull_request enters the approval queue - Blocked destructive ops: github.delete_repo is rejected - Evidence chain: all decisions are recorded and verifiable
See configs/realworld.yaml for the policy configuration, scripts/mock-mcp-server.js for the mock server, and scripts/realworld_demo.sh for the full test script.
---
The core object: ActionEnvelope
Every agent action is normalized into an ActionEnvelope:
type ActionEnvelope struct {
ID string // unique action ID
Actor ActorInfo // who: user, agent, session
Task string // declared task or ticket
Protocol string // MCP, HTTP, shell, SQL, Git
Tool string // github.create_pull_request, shell.exec
Target string // repo, host, table, service
Parameters map[string]any // normalized arguments
RequestedCapability string // read, write, delete, deploy, approve
CredentialRef string // to-be-issued or attached
PolicyDecision string // allow, review, block
EvidenceHash string // chain pointer
Justification string // model explanation, approval, policy match
}---
Option 2: Run locally
```bash
Run with default config
make run ```
Start AegisFlow with demo config
make run CONFIG=configs/demo.yaml
Configuration
AegisFlow is configured via a single YAML file. See configs/aegisflow.example.yaml for the full annotated reference.
Minimal config
server:
port: 8080
admin_port: 8081
providers:
- name: "mock"
type: "mock"
enabled: true
default: true
tenants:
- id: "default"
api_keys: ["my-api-key"]
rate_limit:
requests_per_minute: 60
tokens_per_minute: 100000
routes:
- match:
model: "*"
providers: ["mock"]
strategy: "priority"Policy configuration
policies:
input:
- name: "block-jailbreak"
type: "keyword"
action: "block"
keywords:
- "ignore previous instructions"
- "ignore all instructions"
- "DAN mode"
- name: "pii-detection"
type: "pii"
action: "warn"
patterns: ["ssn", "email", "credit_card"]
output:
- name: "content-filter"
type: "keyword"
action: "log"
keywords: ["harmful-keyword"]Multi-provider config with fallback
providers:
- name: "openai"
type: "openai"
enabled: true
base_url: "https://api.openai.com/v1"
api_key_env: "OPENAI_API_KEY"
models: ["openai-chat", "openai-fast"]
- name: "anthropic"
type: "anthropic"
enabled: true
base_url: "https://api.anthropic.com/v1"
api_key_env: "ANTHROPIC_API_KEY"
models: ["claude-sonnet-4-20250514"]
routes:
- match:
model: "openai-*"
providers: ["openai", "mock"]
strategy: "priority"
- match:
model: "claude-*"
providers: ["anthropic", "mock"]
strategy: "priority"---
Adoption
- [x] Phase 9: Governed Coding Agent Starter Kit (3 policy packs, editor configs, Docker/Helm/Terraform deploy templates, efficacy tests, evidence examples)
- [x] Phase 10: PR-writer proof page, focused installer, tuned policy pack, design-partner onboarding
---
API Reference
Gateway API (port 8080)
| Method | Endpoint | Description |
|---|---|---|
GET | /health | Health check |
POST | /v1/chat/completions | Chat completion (streaming and non-streaming) |
GET | /v1/models | List available models |
WS | /v1/ws | WebSocket endpoint for persistent connections |
Admin API (port 8081)
| Method | Endpoint | Description |
|---|---|---|
GET | /health | Admin health check |
GET | /metrics | Prometheus metrics |
GET | /admin/v1/usage | Usage statistics per tenant |
GET | /admin/v1/providers | Provider status and health |
GET | /admin/v1/tenants | Tenant configuration summary |
GET | /admin/v1/policies | Active policy rules |
GET | /admin/v1/whoami | Current API key role and tenant |
GET | /admin/v1/analytics | Real-time analytics summary |
GET | /admin/v1/alerts | Recent anomaly alerts |
POST | /admin/v1/alerts/{id}/acknowledge | Acknowledge alert |
GET | /admin/v1/budgets | Budget statuses and forecasts |
GET | /admin/v1/cost-recommendations | Cost optimization recommendations |
GET | /admin/v1/audit | Query audit log (filter by actor, action, tenant) |
POST | /admin/v1/audit/verify | Verify audit chain integrity |
POST | /admin/v1/graphql | GraphQL admin API |
GET | /admin/v1/approvals | List pending approvals |
POST | /admin/v1/approvals/{id}/approve | Approve action |
POST | /admin/v1/approvals/{id}/deny | Deny action |
GET | /admin/v1/evidence/sessions | List evidence sessions |
GET | /admin/v1/evidence/sessions/{id}/export | Export session evidence (JSON) |
GET | /admin/v1/evidence/sessions/{id}/report | Human-readable Markdown report |
GET | /admin/v1/evidence/sessions/{id}/report.html | HTML evidence report |
POST | /admin/v1/evidence/sessions/{id}/verify | Verify session chain integrity |
GET | /admin/v1/credentials | List active credentials |
POST | /admin/v1/credentials/{id}/revoke | Revoke a credential |
GET | /admin/v1/manifests | List active task manifests |
POST | /admin/v1/manifests | Create task manifest |
GET | /admin/v1/manifests/{id}/drift | Get drift events for manifest |
GET | /admin/v1/tickets | List capability tickets |
GET | /admin/v1/sessions/{id}/risk | Session behavioral risk score |
POST | /admin/v1/test-action | Test policy decision without executing |
POST | /admin/v1/simulate | Simulate policy with full trace |
GET | /admin/v1/rollouts | List canary rollouts |
GET | /admin/v1/health/detailed | Detailed health with provider status |
GET | /admin/v1/supply-chain | Supply chain asset trust status |
---
Runtime Integration
- [x] Approval notifications: Slack + GitHub notifiers fire automatically on submit/approve/deny
- [x] Behavioral kill switch: Sessions auto-blocked when cumulative risk exceeds threshold
- [x] Manifest drift enforcement: Configurable
warn/enforcemode blocks out-of-scope actions - [x] Evidence reports: Human-readable Markdown and HTML reports for auditors
创新的代理治理方案,填补AI安全管理空白。Go实现性能优异,MCP标准兼容性强,但生态成熟度有限,适合前沿探索者。
⚡ 核心功能
- 通过标准 MCP 协议与 Claude、Cursor 等主流 AI 客户端深度集成
- 提供结构化工具调用接口,显著降低 AI 集成复杂度
- 支持 Claude Desktop 和 Claude Code 无缝接入,开箱即用
- 可与其他 MCP 工具组合叠加,构建完整 AI 工作站
- 轻量无侵入设计,不影响现有系统架构
👥 适合人群
🎯 使用场景
- 在 Claude Desktop 对话中直接调用本地工具,实现 AI 与系统的深度联动
- 通过自然语言驱动复杂的多步骤自动化任务,代替繁琐手动操作
- 将多个 MCP 工具组合使用,构建个人专属 AI 工作站
⚖️ 优点与不足
- +Apache-2.0 协议,可免费商用
- +标准化 MCP 协议,生态互联性强
- +与 Claude 官方生态无缝对接
- +即插即用,配置简单快捷
- −依赖 Claude 客户端,非 Claude 用户无法使用
- −MCP 协议仍在持续演进,接口可能变更
- −需要一定的配置步骤
AI Skill Hub 为第三方内容聚合平台,本页面信息基于公开数据整理,不对工具功能和质量作任何法律背书。
建议在沙箱或测试环境中充分验证后,再部署至生产环境,并做好必要的安全评估。
✅ Apache 2.0 — 宽松开源协议,可商用,需保留版权声明和 NOTICE 文件,含专利授权条款。
🔗 相关工具推荐
❓ 常见问题 FAQ
总体来看,AegisFlow代理治理系统 是一款质量良好的MCP工具,在同类工具中具备一定竞争力。AI Skill Hub 将持续追踪其更新动态,建议收藏备用,结合自身场景选择合适时机引入使用。
| 原始名称 | AegisFlow |
| 原始描述 | 开源MCP工具:Runtime governance for coding agents and tool-using agents. Allow/review/block M。⭐20 · Go |
| Topics | 代理治理MCP工具编码代理安全控制GitHub集成 |
| GitHub | https://github.com/saivedant169/AegisFlow |
| License | Apache-2.0 |
| 语言 | Go |
收录时间:2026-06-10 · 更新时间:2026-06-11 · License:Apache-2.0 · AI Skill Hub 不对第三方内容的准确性作法律背书。