Multi-agent systems are becoming common. CrewAI crews, LangChain agent teams, and MCP-connected assistants work together. But who controls what each agent can do?
The governance problem
Without governance, any agent can do anything. A compromised or misbehaving agent can access data it should not touch.
Policy-based access control
from asqav import Asqav
client = Asqav(api_key="sk_...")
client.create_policy(
name="no-delete",
action_pattern="data:delete:*",
action="block_and_alert",
severity="critical"
)
Multi-party authorization
For critical actions, require multiple approvals:
group = client.create_signing_group(
name="payment-approvers",
required_approvals=2
)
client.add_entity(group_id=group.id, user_id="cfo@company.com")
client.add_entity(group_id=group.id, user_id="cto@company.com")
Complete audit trail
Every action across all agents is recorded with quantum-safe signatures.
Top comments (0)