Open Source Friday: Governance for AI agents with Imran Siddique
Chapters
Hosts introduce Open Source Friday and set the stage for discussing governance of open source AI agent projects through AGT.
Imran Siddique unveils AGT, a multi-language open-source governance toolkit that helps you harden AI agents and tame OSS spam, with practical patterns and a production-ready CI/CD workflow.
Summary
Imran Siddique (Microsoft) presents Open Source Friday’s deep dive into AGT, the Agent Governance Toolkit, and explains how governance isn’t just for safety—it’s a production discipline for open-source projects. He walks through six real-world “war stories” from AGT’s own repo, showing how rapid growth reveals spam, security flaws, and misleading AI-generated PRs, and how a responsible governance layer can turn those challenges into repeatable patterns. AGT aims to cover top 10 AI-agent risks with declarative guardrails, zero-trust identity, and cryptographic provenance, while supporting Python, .NET, TypeScript, Rust, and Go so enterprise teams can adopt it in any stack. Siddique shares concrete tooling, like contributor_check.py, and explains how automation can filter spam before it reaches maintainers, reducing noise and accelerating legitimate contributions. He also emphasizes culture: AI-generated code should be labeled and attributed; CI gates include DCO, contributor reputation checks, link validation, spell checking, and automated security scans. The discussion moves from painful stories to actionable playbooks—policy that grows with you, language-aware code ownership, and “ready-to-use” starter issues that lower the barrier for new contributors. The roadmap points to cryptographic provenance, a neutral foundation position (AGT as a community-owned standard), and stronger governance for regulated industries. The session closes with practical tips for teams at any scale: shift governance left, update contributing guidelines to set expectations for AI use, and consider adopting AGT components to streamline enterprise-grade governance without stifling velocity. Overall, AGT is presented as a pragmatic, MIT-licensed, cross-language governance layer designed to protect users, maintainers, and the OSS ecosystem alike.
Key Takeaways
- Spam and promotional PRs explode with popularity; build automated contributor checks to block them before maintainers see them (example: contributor_check.py patterns).
- AI-generated PRs can be high risk; require human defense of AI-generated code, mandatory attribution, and explicit labeling of AI-origin code in contributing guidelines.
- A seven-gate CI pipeline (DCO sign-off, contributor reputation, security scans, link validation, spell check, tests, and provenance) dramatically improves gatekeeping for PRs.
- Contributions should be language-aware; use per-package code owners to ensure reviewers have the right expertise (Python vs Go vs Rust, etc.).
- Governance is a production concern, not a post-hoc check—shift-left governance early to reduce later “taxes” on velocity and reliability.
- An adopters.md file, cryptographic provenance, and a plan for neutral governance foundations (e.g., AIF, CNCF) help AGT scale to regulated industries while remaining broadly usable.
- Community-building is operational work: clearly scoped “good first issues,” production-user links, and active onboarding channels drive sustainable contributions.
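The context-aware contributor scoring from the first takeaway, including the awesome-list false positive the talk describes, as an added example; it is not AGT's contributor_check.py and not code from the talk. All weights, thresholds, phrase patterns, names and sample accounts are assumptions constructed for illustration.

```python
"""Context-aware contributor risk scoring (illustrative sketch, not AGT's code)."""
import re
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Assumed numbers: the talk names the signals, not the weights or cut-offs.
NEW_ACCOUNT = timedelta(days=30)      # account younger than 30 days
FORK_WINDOW = timedelta(hours=48)     # forks counted inside this window
FORK_BURST_MIN = 3                    # forks in the window that count as a burst
W_NEW, W_BURST, W_CURATED, W_PROMO, PROMO_CAP = 30, 30, -10, 15, 30
MEDIUM_AT, HIGH_AT = 30, 60

# Assumed phrase lists. PAID matches paid-placement asks, which are closed outright.
PROMO = [re.compile(p, re.I) for p in (
    r"\bour (product|platform|service|tool)\b",
    r"\bcomplements?\b.{0,40}\bperfectly\b",
    r"\bcheck out\b",
)]
PAID = [re.compile(p, re.I) for p in (
    r"\bsponsored (mention|post|placement)\b",
    r"\b\d[\d,]*\s*sats\b",
    r"\bdm (me )?for (details|pricing)\b",
)]


@dataclass
class Contributor:
    login: str
    created_at: datetime
    forks: list = field(default_factory=list)  # [(repo_full_name, forked_at)]


@dataclass
class Risk:
    score: int
    level: str      # low | medium | high | block
    reasons: list


def is_curated_list(repo_full_name: str) -> bool:
    """Curated-list check on the repository name only, never the owner name."""
    return "awesome" in repo_full_name.rsplit("/", 1)[-1].lower()


def score_contributor(c: Contributor, body: str, now: datetime) -> Risk:
    score, reasons = 0, []
    if now - c.created_at < NEW_ACCOUNT:
        score += W_NEW                      # a weight, not a binary flag
        reasons.append("new-account")
    recent = [r for r, at in c.forks if timedelta(0) <= now - at <= FORK_WINDOW]
    if len(recent) >= FORK_BURST_MIN:
        if all(is_curated_list(r) for r in recent):
            score += W_CURATED              # forking is how awesome lists take PRs
            reasons.append("curated-list-forks")
        else:
            score += W_BURST
            reasons.append("fork-burst")
    hits = sum(1 for p in PROMO if p.search(body))
    if hits:
        score += min(PROMO_CAP, hits * W_PROMO)
        reasons.append("promotional-language")
    score = max(0, score)
    if any(p.search(body) for p in PAID):
        return Risk(score, "block", reasons + ["paid-placement"])
    level = "high" if score >= HIGH_AT else "medium" if score >= MEDIUM_AT else "low"
    return Risk(score, level, reasons)


# Constructed sample accounts and issue/PR bodies (not real users or issues).
NOW = datetime(2025, 6, 1, 12, 0, tzinfo=timezone.utc)
SAMPLES = [
    (Contributor("awesome-list-dev", NOW - timedelta(days=10),
                 [(f"curator{i}/awesome-topic-{i}", NOW - timedelta(hours=6 * i))
                  for i in range(1, 8)]),
     "Add the toolkit to the Governance section, alphabetical order kept."),
    (Contributor("fork-spammer", NOW - timedelta(days=2),
                 [(f"org{i}/project-{i}", NOW - timedelta(hours=4 * i))
                  for i in range(1, 6)]),
     "Great project but missing an integration. Check out our platform at "
     "https://example.invalid/docs, happy to send a PR."),
    (Contributor("paid-placement", NOW - timedelta(days=400)),
     "Love the project. We built something that complements it perfectly. "
     "3,000 sats for a 7-day sponsored mention. DM for details."),
    (Contributor("veteran", NOW - timedelta(days=900),
                 [("someone/awesome-go", NOW - timedelta(days=200))]),
     "Fix typo in the policy loader docstring and add a unit test."),
]


def run_samples() -> dict:
    """Score every constructed sample; returns {login: (level, score)}."""
    out = {}
    for contributor, body in SAMPLES:
        risk = score_contributor(contributor, body, NOW)
        out[contributor.login] = (risk.level, risk.score)
    return out


if __name__ == "__main__":
    for login, (level, score) in run_samples().items():
        print(f"{login:18} {level:6} {score}")
```

A new account that forked seven curated lists in two days scores low here, while the same burst against unrelated repositories plus promotional wording scores high; a single non-curated fork in the burst removes the exemption.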
Who Is This For?
OSS maintainers, AI/ML governance teams, and enterprises shipping AI agents who need practical, scalable guardrails without sacrificing development velocity.
Notable Quotes
"Everything you see on the slide is a problem that either didn't exist or didn't matter when we had like 50 stars."
—Shows how growth changes problem surface and why governance tooling becomes essential.
"AI generated code should be explicitly labeled."
—Highlights policy detail added to contributing guidelines to manage AI-created contributions.
"We are a governance toolkit. We publish ourselves as the thing that makes AI agents trustworthy."
—Defines AGT’s mission and scope as a governance solution from the creator side.
"Red team your own project. Schedule it."
—Emphasizes proactive security testing as a core practice.
"Go update your contributing MD and align on what you allow folks to use AI."
—Practical starting point for teams to set AI-use expectations.
Questions This Video Answers
- How can I start using AGT in an existing AI project today?
- What are the best practices for guarding against AI-generated PRs in OSS?
- What does cryptographic provenance look like in practice for AI agents?
- How do I implement language-specific code ownership in a multi-language repo?
- What is shift-left governance and why should my team adopt it now?
Open Source Friday, GitHub, AGT, Agent Governance Toolkit, AI governance, AI safety, zero-trust identity, cryptographic provenance, declarative guardrails, CI/CD governance
Full Transcript
[music] And welcome. Welcome to Open Source Friday. Imran, thank you for being here. Well, thank you so much. Thanks. Thanks so much. I'm looking forward to it. I'm so excited to have you here and this is actually a pre-recorded session because we are all at Microsoft Build and so I hope you watch and tune in to all the announcements of that. There will be another show about what open source things were covered there. But today we're here to learn and even though we're not uh transmitting live, we will both be taking a look at the chat.
So feel free to drop your questions or your comments for Imran and myself and yeah I'm super eager to learn what you're bringing us today. Awesome. Let's jump into it. Hey everyone, welcome to Open Source Friday. This is Imran. I am principal group engineering manager at Microsoft and the creator of Agent Governance Toolkit, also known as AGT. Uh quick one context before we dive in. Everyone in the AI space is talking about how to govern AI agents. Uh how to make them safe, auditable, controllable. Uh that's literally what AGT does. Uh but this talk is something different.
Uh it's about governing the open source project that builds those governance tools. Uh so the meta layer talks about um so when AGT hit popularity uh fast, we are at 2.5K stars within a month. Um we just launched this project and uh we hit every known maintainer's nightmare, like spam, security holes in our core, AI generated PRs, community confusion, you name it. So today I'm going to share the actual war stories, uh the real issue numbers and the tools we built to fight. Uh everything we build is MIT licensed so you can take it. All right.
Okay. I'm in the next slide. That's fine. Awesome. So, six war stories, uh all are real from our repo. I'll give you the issue numbers so you can go look at them yourself after the show or during the show or just be with us. Um so here's a line: uh popularity is a forcing function. Everything you see on the slide is a problem that either didn't exist or didn't matter when we had like 50 stars. But like as we are growing popular everything is pretty hard, very hard. Uh so we're going to move through these fast because each one has a takeaway pattern
uh you can apply to your own project, uh whether you are maintaining a 200 star utility uh library or maybe a 10k star framework. One more thing before we start: I want to be explicit that all the code and tooling we built uh in response to these uh problems we ran into in the repository is in the script/ directory folder, all open source, you can actually use it as you go. Okay, let me give you a quick uh baseline for anyone tuning in and who hasn't heard about a uh so the problem we are solving: uh AI agents are no longer toys. Uh they are reading your files, calling external APIs, writing code, making purchasing decisions, they're just doing everything. Um and the interesting part is uh a lot of them run without governance. They operate on vibes and hopes and prompts and context. So, AGT is the infrastructure layer that fixes all of that.
We cover all the top 10 of the OWASP Agentic Top 10 risks: policy enforcement, declarative guardrails for what agents can and cannot do, zero trust identity, cryptographic agent authentication, not just here's your API and good luck. No, we don't do that. I think we are like execution sandboxing, you name it. I think we bring all of this governance all the way from shift left to the end. What I'm proud of uh is this is multi- uh language story. We have SDKs in Python, .NET, TypeScript, Rust and Go. That's not just a vanity checkbox.
It means enterprise teams can adopt AGT in whatever stack they are running today. Uh so now as we speak, uh 2.5K stars, 425 forks, 50 plus contributors, sounds great. Awesome. And it is, uh but let me tell you also what happens when a project gets popular fast. Uh so we're going to go to the next slide and uh we'll just talk a little bit about um growth chart. So notice it's not a gentle slope. It was like a sharp climb. We uh on April 2 we talked about it in our Microsoft open source blog and then there was like a few uh plateau and then like there was a continued growth.
Uh here's the thing nobody tells you about OSS growth. Every milestone in this chart give it a category of problem. Uh when we launched, nothing, it was clean, all good. Uh week two, the first spam issue appeared. By month one we were like getting promotional feature requests that were actually paid placement pitches. By month two, which is like right now, we are just in month two. We had enough folks that our CI started catching things human review was missing, and somewhere in there we discovered seven security vulnerabilities in our own code base.
I'm going to talk about all of them. Uh the moment that changed our thinking was when we realized um we are a governance toolkit. We publish ourselves as the thing that makes AI agents trustworthy and yet our own house wasn't fully in order. And that was like a wake-up call. So six stories. Let's go. Let's talk about each one of them one by one. So issue uh 1760, uh this is my favorite because it's so brazen. Uh someone opened an issue, not a bug report, not a feature request. The title was complimentary governance integration.
The body was, "Hey, love the project. We have built something that complements AGT perfectly. Advertising rates is like 3,000 satoshis for a 7-day sponsored mention. DM for details." Uh, Bitcoin denominated advertising in our GitHub issues on a governance toolkit. I genuinely had to read it twice. Issue 1705 uh is subtler and therefore more dangerous. Uh it came in as a legitimate looking feature request. AGT is great but missing integration with external API. Uh link to the product documentation, offers to send a PR, uh classic product placement uh disguised as a community contribution. The red flags are on the bottom.
New account, uh fork burst, promotional language, uh no actual code, external link in the entire ask. Once you see the pattern you can't unsee it. What we did: we built contributor_check.py, I'll demo this in a few slides, uh which catches these patterns automatically uh before they hit the maintainer queue. Uh the key insight is don't make your maintainers manually triage spam. Uh build a tooling so spam never gets to a human because we are in the world and the spam is going to increase a lot. All right, let's keep going. This one hurt more than the spam because we caused it ourselves.
After issue 1760 uh and few more like it, we built a fork burst heuristic. The logic seemed airtight: flag accounts that are new, have forked multiple repos in 48 hours and are submitting PRs with promotional language. Seemed like a perfect spam signal, like hey we are trying to find out like which is spam, which is not. Uh then issue 1692 landed. Uh a legitimate developer, clearly real, clearly engaged with the project, opened a PR. Our CI flagged them as high-risk and auto labelled the PR. Uh they waited 3 days for a human response till he back left.
Uh the reason their account triggered the histic they had f seven awesome list repositories because that's the only way to contribute to an awesome list for uh add your item submit a PR. uh our system could not distinguish between fork 7 awesome list to contribute to open source and fork seven repos as a part of spam campaign and the fix which is now in the codebase is the context aware uh scoring we look at the what they f not just how many if all folks are curated list reports with the word awesome in the name we reduce the risk uh score rather than just increase it so our story number two let's keep going so this the one I'm most uncomfortable about but I therefore the most important to share uh PR1 triple 6 we ran an adversarial assessment against our own code base we redeemed ourselves and we found seven real vulnerabilities let me walk through the critical one first because it's the most embarrassing we had a web circuit relay with zero authentication CVSS9.4 four that means any process that could reach the network would send commands to the relay in a governance toolkit in code that enterprises we start to deploy uh CBSS uh 7.8 sandbox provider accepting arbitrary commands the whole point of a sandbox is that it doesn't accept arbitrary commands we had a config but it did uh wild cards on multiple servers 7.6 six and a plug-in sandbox that exposed dangerous Python built in 7.1.
You see, these weren't theoretical. These were like exploitable against real deployments. Uh what I want every maintainer to hear: if you build security tooling and you haven't red teamed it yourself, you're leaving that to someone with different intentions. Uh we got lucky, you know, we found this before they uh were publicly weaponized. For every project will uh we now run adversarial assessments on a rolling schedule and I have a documented CVE disclosure process. Uh the process is also in the repo, like I said everything is in the repo. We have security running in every week, every day, every PR, hours. We have a lot of processes in place. Let's keep going, there are a lot more good stories to share. Number four, uh this is the newest problem and the one that's uh going to get worse before it gets better. Uh AI generated PRs uh look fine at a glance.
They are syntactically correct. The commit messages are eloquent. The comments are confident. Uh and sometimes they're completely wrong in ways that aren't obvious. Uh until you actually run the code. Uh we saw three patterns. One, uh LLM generated code submitted with no human review. The contributor literally couldn't answer basic questions about what their PR did. Two, uh, code lifted from other projects, no attribution, no acknowledgement. Three, LGTM reviews um from the same account that submitted the PR sometimes from an account that appeared to be automated. So you see the patterns here with all the AI PRs getting generated.
Uh, what we added to contributing MD uh is on the right side. Uh AI assisted code is welcome if you understand it and can defend in code review. Uh autonomous bot submissions are discouraged. Uh prior art must be attributed and any AI generated code should be explicitly labeled. So I think these are basic uh things which we have put in place so that we accept AI generated code because that is how the code is going to be, but this is what we expect from you when you bring it. So the reason I phrase this as discouraged rather than banned uh is that we can't actually enforce a ban, and pretending we can is worse than having an honest uh policy.
What we can do is create cultural norms and social accountability. If you have asked your AI to generate a code, um do you understand the code? Can you defend it? Like the basic stuff. Worth noting, uh though, this policy was itself a source of community discussion. Uh some contributors pushed back. Uh that conversation is healthy. Uh the alternative, no policy, ad hoc decisions, is worse for everyone. So AI PRs are going to be sticking with us for some time and forever, and like how do we actually make sure we have the right things in place. Let's keep going. Um story number five: our CI pipeline is now seven gates before a PR can merge. To walk through each one, because the non-obvious ones are where the value is. Uh DCO sign off, developer certificate of origin, legal hygiene, every commit, non-negotiable. We really want to know whether you did it, who did it. Contributor reputation check, that's a contributor_check.py which we'll demo in a second. Uh security scan, automated, runs against every PR, not releases.
We got two of our seven CVEs this way in subsequent PRs. Link validation. Uh this one sounds boring. Uh it isn't. When you have 50 plus tutorials and a doc restructure happens, uh you get stale links everywhere. Uh we had 50 plus broken links after one refactor that nobody caught in code review because reviewers aren't clicking links. The bot is. Next one is spell check on docs. I know, spell checks, but when your project is trying to build trust with enterprise customers, guard rails in your readme is a problem. So you really guard rails versus guardrails.
Uh unit tests, these come last, uh intentionally. In my mental model tests validate behavior. Uh everything above validates intent and provenance. And so the three real issues on the bottom: issue 1826 uh was broken benchmark parts that pass because nobody was running the benchmarks, you see it. Uh we fixed that by adding benchmark execution to the CI run. 50 plus stale links I already mentioned, and a dependency bump that silently changed behavior, pinning uh plus a div scan got it. Uh so you see, this is like layers after layers and layers. It's not like just one, like just one PR and that's it.
All right. So this is the actual function signature from contributor_check.py in the scripts directory. You have it. You want it, you have it. And we have early adopters also beyond repositories which are using it today. Uh so line number one uh takes a GitHub handle, returns a contributor risk. Line three to four is the GitHub API. Uh initializes a risk score object. Line and six: account age under 30 days adds to the score, but note it's a weight, not a binary flag. Lines 8 to 9, fork, here, 8 to 9, um fork burst check, and here's a fix from war story number two: we call all curated list before adding the score. If all the forks are awesome lists we don't penalize. Line number 11 to 12, these two, uh promotional language in the PR body adds score. Line number 13, this one, um this is the score that evaluate written low medium high or. So the three outcomes: low, medium, PR goes through normally, maybe gets a soft label. You see, like for example if uh um someone starts a PR, they're new to your repository and uh you want contributions, you're open source, I think there are healthy ways, like just contribute. Uh check.py is going to run for you and it's going to say that hey, um low risk, no problem, just go ahead, or medium risk, maybe it's okay but you still go ahead with the plan uh and you really want to do it. High: auto label, needs mandator cute separately really collocated. There's another one which is like a block: auto close with templated message pointing to contributing. Don't allow, like there is a bitcoin stuff and like all of those things we don't allow. And this is like a super useful uh pipeline which we have added to the system and it has really helped us from the state where we were in, where we were getting a lot of spam and the noise to signal ratio was bad, to the extent that it is really manageable, and I think the people who have adopted it have been using it.
So I would appreciate uh you looking into it, ask questions in the chat and then we are here to answer, and go try it out. You can actually add it in your CI/CD pipelines today as we speak. Like I said we have one more uh war story to share, uh which is uh war story number six. Uh the last story, uh less dramatic but probably the highest leverage that we did. Um when people think community building they think write a good readme, add a contributing MD, uh just welcome, just slap it on like a contributions welcome badge and done, and that's not community building, that's community theater. Real community building is operational work. Uh so the 35 good first issues, they're not just labeled good first issue. Uh every single one has a size label like small, medium, large, an explicit scope boundary so contributors know exactly what's in and out of scope, acceptance criteria uh so they know when they are done, and a link to the specific file or function so they need to touch. So that makes time, it's worth it. You really want to contribute, you get started, you pick one and then you know exactly where you are running into. Another one, adopters MD. Uh we have a list of production users who have voluntarily added themselves. Uh this does three things: it gives uh new contributors social proof that the project is real and deployed if to use it.
Uh it gives us accountability because real users will file real issues, and gives us diversity in use cases we didn't anticipate. So this is very uh one of the good learnings which we had. Third one, uh language aware reviews. We have five SDKs, like I said in the start, in the slide number two: we have Python, uh Rust, Go, .NET um and TypeScript. Uh a Python maintainer should not be reviewing Go PRs, doesn't make sense. So we set up code owner files per package so the right reviewer is automatically assigned. This sounds administrative but it is it also means contributors get feedback from someone who actually knows uh the language.
The quote at the bottom is a key insight: most OSS projects don't lack code. They lack clear paths for contributors to walk. And one month project, like I said AGT is a little older than a month, and we have 50 plus contributors and it is already sitting at like close to 2,000 commits, heavily contributed repository in the governance space so to speak. Um let's keep going. Okay, this is very, if you want to take away uh anything from this uh one I would say this slide is like for you. Lot of good goodness here in this slide and I would love a lot of questions on this one, I would be able to answer those questions. Six patterns, all reusable, all MIT licensed with the repository. First one: treat your repo like a product. Uh it has users, attackers, spammers and genuine contributors. Plan for all four. Second: your anti-abuse tooling thing needs governance too.
Uh build it with some rigor as your production code. Handle edge cases. Build a feedback loop like I explained when I created this contributor check. Maybe we were doing good with the uh real scenarios but then there were a lot of false positives too and then how do you take care of them and then you are protecting your repository. This doesn't go into your code which you have. Red team your own project. Schedule it. Don't wait for a community member to find what you should have found. Ready is super important. Fourth one, set AI contribution policy before you need it.
Write it when you have 100 stars, not when you're drowning in LLM generated PR at 2,000 or like 5,000 stars. Super important learning for us too. CI is a governance layer, not a test runner. Co reputation, link validation, spell check. I showed all the six things which we do before we do real PR reviews. These are all first class citizens in the pipeline. Just do it. Just do it. Uh the last one I would say is uh community building is operational: good first issues with scope, adopters.md, language aware code owners. They all do the actual work, like really they set up the contributors for success.
Invite them and also help them really get started as quickly as possible and be on top of it, like when they have started the contributions, because they should be feeling welcome. Any one of these can be pulled directly from the AGT repository and adapted for your own project, you can just get started. All right. Um so what next for us? So we are not done. There are three big things on the road map. Uh so uh with respect to AGT, uh cryptographic provenance and verifiable delegation, these are next frontier after runtime uh enforcements.
Right. We can enforce pol. We are building the ability to cryptographically prove who authorized an agent to do what, with a chain of custody that survives audit. This matters enormously for the regulated industries. This is our number one road map which we are working on. Foundation donation consideration: we have been in conversations uh with CNCF, LF AI and Data, but I think now we are almost close as we speak today uh to contribute AGT to AIF and we are talking to them. Uh the goal is to make AGT a neutral home that isn't Microsoft specific uh so regulated enterprise customers who can depend on a single vendor can adopt it with confidence. That's happening.
We are already uh in uh discussion with AIF. Uh the third one, uh regulated verticals, uh healthcare and financial services design partners. We need real world constraint input from practitioners in those spaces. If you're building AI agents in a regulated environment I would love to talk to you. Uh where we need help right now: uh Rust and Go SDK maintainers, uh like I said five languages, we have find experts in all of those languages and all of those places. Uh security researchers welcome. The more we do red teaming the better the systems are, and honestly good documentation writers too.
We have a lot of documentation to the extent that we have so much more than what we need and it super complex. Uh so we have already 35 scope issues bunch of shoes like I think ready to go. All right mostly this is the last one. um github.com/microsoft/ aentgovernance toolkit is all here therefore ask I have start the repository it generally helps with visibility and signals to the enterprise evaluated that the project is active grab a good first issue there scope sized and ready or maybe come up with your own one uh and then open a discussion if you are hit hit a maintainer is problem that we didn't cover tell us uh maybe you know we can actually work together and figure out that would be applicable to us that would be applicable to you and we can work on them together and then red team with us seriously uh we paid uh what was it full disclosure acknowledgement if you find something open a security advisory uh obviously I've given you links and stuff here but uh let's take questions oh that's there is so much here this is amazing first of all I'm so glad to see that we are actually leading this space and the creation of this toolkit is obviously I love how you created it but also to learn along the way some of the reasons why it was created to begin with and were able to like integrate those learnings into what the toolkit is now like it's a lot more mature and having gone through their own red teaming like I've not even considered doing that to my own projects so this is phenomenal for the folks who are already using like for example they're they're using actions um as part of like their CI/CD pipeline like they're they're already using copilot like that's their agent that they're using uh where would you tell them to start with the kit like what is the best way for them to start incorporating the kit.
Like me personally, I'm thinking I'm going to point my agent to it and tell it to go go adopt those practices and sort of do like this own verification of of what I have going on on my own projects. But any advice that you have for projects that are already very large and have been using agentic workflows, have been using agents but have not considered like the governance and policy and the caution that you must take when using that. Love it. So we published um um a blog especially for that answer few weeks back we called it shift left governance and I think that actually said forget about uh when agents are in production when you are deploying it when your agent code is sitting in your repository what do you all have to care about and that's a very very very long detailed article that goes into each aspects of all the way from security to trying to look at compliance and all of it and then you get it like the entire package and then maybe uh as part of this video we can share that link in the uh comment section so you can go through it.
That's one option. What we have also seen is the people we have been talking to they just point their GitHub copilot CLI or cloud CLI to our repository and say that hey just learn what they are doing and they have found it very useful maybe that could be also a very easy way to get started. we uh have published uh all of the CI/CD which we use we have also packaged it and made it available as reusable components uh and then we also have signed binaries available from Microsoft so that you can actually trust those so it's not like you're taking dependencies something untrusted code or untrusted binaries they are signed binaries and then you can actually they it can get added to your CI/CD pipelines and then contributor checks can come for free the compliance checks come for free and like bunch of stuff you can have it today without changing your existing code.
I appreciate that and you're making it simpler for us to think about something that I don't think many developers really were concerned with like you just explained for the enterprise point of view. Obviously there are organizations that have always had a heavy mind and intentionality on their projects because security concerns etc etc. like some open source projects really don't really think about temp uh governance as if their projects were enterprise like they just think about it like this is a thing that I do and it's a public thing and and now with so many new attack vectors like we have to care about governance you think that that's something that developers are going to have to start caring like regardless if they're contributing to open source or not like should governance be something that's top of mind for all of us that's a very good question see personally what I would say is uh we have two choices.
one like let's make governance a real problem and let's make everyone think about governance or let everyone just do what they are doing best which is like they're working on the open source projects and repositories and let us just take care of their governance problem and I would actually lean into the second one if uh that is a discussion I'm having with GitHub team and like other teams inside Microsoft and outside Microsoft uh is what if we solve it problem for everyone so that you don't really have to worry about it but governance is indeed problem and u and then one of the biggest problem which we are seeing today is like spam and signal to noise ratio in all of the popular uh repositories.
I was doing this analysis of uh Aif, MCP, A2A and repositories including AG. I was trying to just say hey tell me how many issues you see today are real issues versus spam and I told like hey this signal to noise issue is high in all of these things and just adding some of the CI/CD pipeline which we bring to the table I think we'll just bring it down so as a developer if I'm like starting a repository if you can solve those problems for me then I can just focus on my like code which I really care about and I'm I I also feel confident because other things are taken care of that is what I would lean into I like that I think that's a better solution Honestly, that create the systems so that you can, you know, people that want to contribute don't have to be like there's a lot of mental like load that goes into thinking through all of this and there are people that are experts at it and they're doing the job like this toolkit is phenomenal for that.
So, I I like that as a plan. I like what you share about the and thank you for sharing the real stories too. like I it's not flattering you know like what you were saying like this one hurt the most like I could hear it in your voice that you're like yeah like this is my project and these things were happening even in my own projects um I think if I seen like one instance of a prompt injection attack like even on our own repositories it happened to the compiler repository too like there were a couple of uh just really on the on the screen it looks like a reasonable issue that been open and an issue request has to add a project to us on copilot but then upon further review it you know it was clearly an attack disguised as like a contribution so um there's a lot of things that mine are doing to create like bitter guardrails for themselves but it's also creating a ton of burnout and like mental load and just like a lot I think this is where we're kind of failing that we didn't stop to think about like repercussions before we adopt it quickly but now is the time to start using systems like this so that we can you know maintainers can keep maintaining it people that are writing code can keep shipping but we're doing it all like more securely.
Um, let me ask you, because there is a question about velocity. Like, I feel like that's one of the biggest sort of uh we want to be careful and we want to adopt systems and we want to actually take governance part of be make governance part of our projects, right, and be an integral part of the way that we we work on our projects. But then a lot of people get stuck in the conversation of like, well, is this a lot of enforcement, a lot of like just policy that's just keeping developers from shipping fast.
Um, so I don't know, when you're thinking about code, how much of this governance like should it be enforced like in code versus in process? Like, and I I I will share the article about shifting left, because I think like I definitely I want to read it myself, but I will also share on the notes uh for folks who are thinking like, okay, no, I'm sold, I need to do this. But what do you think? I mean, I feel for people that I might be a little bit more reluctant to start thinking in systems and thinking about adopting toolkits like this because they're afraid that creating sort of those governing of agent behaviors is going to just slow down their projects.
Yeah, I think that's a very good question. So the way I actually see it is uh you have to take care of it at some point of time and you decide when. Uh, if you do it early, you are covered for later stages, and if you don't do it early, you are going to have a you're going to pay a lot more tax. So as you go like later stages, you're going to pay more and more tax. So if I can somehow with my first check and block the PR that was a spam PR, that was like a very quick check I did, and then I saved my entire uh this code actually getting in getting into production and back in my customers. But if I don't really have this check and then somehow someone contributes something which I was not able to like figure figure it out, goes into my code, ships in production and eventually gets caught, I'm paying a lot bigger tax.
So, so my story is uh we need all of it, but I think, you know, the question is all about like where do you fit in. The more you can shift left the better. If possible uh your velocity will go down for sure, um but I think, you know, we have a catch. I was looking at the velocity, our own AGT velocity, uh like is it like really going down or is it like what's happening?
Uh, so what's happening right now is um so think of it like this: when we launched the repository, a lot of people came in and then a lot of contributions started pouring in, and whatever checks and balances we had, like we were just letting everyone in. Uh, lot of good good PRs but some bad PRs too. So the velocity was high, but then we like, hey, now we are running into this issue, this issue, all the issues I talked about, and somewhere we have to start adding the guards. Add this guard, this guard, get this, you can keep going and you're never going to stop. Things go slow, things really become slow, and that is what we realized, things became slow. But then since we stabilized all of these guards, we know exactly what we want: security should run weekly, some part of security should run in each PR checks, uh contributor checks should happen for sure, uh AI code reviews should take care of a lot of code reviews, the basic ones, so that like maintainers can just take care of the design and all of those things. Once things really stabilize, our velocity has actually gone up.
So what I would say is like you would find a period where you would be really getting your system stabilized with all of this like governance and all, and even if you feel that things are going slow down, it's slowing to make you fast, and that is how we are. So if you see our velocity, you draw a graph, right? High, maybe low, but like coming back to the high. That's how we had.
I appreciate that, and thank you for saying what you said at the beginning. It's like you're either going to do it now or you're going to do it later, but you're going to have to take care of it regardless.
This is very very interesting, and I appreciate the intentionality, and I'm so proud of Microsoft for putting this kit together. I can't wait to see if it's going to be part of become part of the AI a I can't say the the AF. Um, because definitely setting an industry standard for us moving forward, it's um it's the way to go. If teams take one thing from everything that you showed us today and from this project, like say they want to start digging into one main idea, maybe they're not ready to jump in all the way.
What would be your recommendation for what it should be?
Uh, the one idea I would say is the easiest one, super important one, is go update your CONTRIBUTING.md and align on like what you uh allow folks where you allow folks to use AI and where you really have a hard stop. Just start with that, because that is going to actually give some kind of like uh set the stage for everyone, saying that, hey, while we welcome you to use AI, but we also want have some expectations on the AI usage. And that's a very good one, and this aligns also with the OSSF uh guidelines, because that is where we have been actively working with, and uh they are also adopting some of this AI guidelines which says that, hey, AI is here, it's not going anywhere, everyone is going to use it, uh but I think we expect you when you use AI you should be understanding how you're using it and also where it is okay, where it is not okay. So just very simple, easy one, one line, like few few changes, you can directly adopt it from the AGT, and maybe I think that would be a good starting point.
This is amazing. Thank you so much, Imran, for bringing this project. Uh, everyone go to the repository right now and leave a star so we can get the repository trending, and look at the languages that are already available, and if you are able to contribute to those or maybe add in new languages for contribution, like that'd be great.
And I love how you have the labels so clear and the levels of complexity. Um, that that makes first-time contributors to a new open source project like feel a lot more empowered to actually choose and and sort of be less intimidated what where they want to start. So definitely take a look at the repository, take a look at the open issues. Um, you encourage people to open a discussion. Is there any other place where your is it on discussions where most of the team lives? Like, how can I, if I if I see somewhere that I want to kind of get started but I want to make sure that I have a conversation before I start digging into how to contribute, what would be the best place?
Very important uh learning which we haven't worked on yet. So I think everyone has been asking for a Discord channel which we can have so that people can come to, and and then we it's in the works. I think that is something which everyone has been asking for. Maybe by that time we actually streaming, maybe we have it, and yeah, let's see.
Okay, but in the meanwhile, there are discussions and there are issues, and so just, you know, go by go by the repository and take a look and see how you like to contribute. Okay, you have a really exciting time coming ahead with the inclusion into uh the new foundation plus everything that you have planned. Is there anything else in the timeline, like on the road map, that you like to share with us about where like AGT is going?
So AGT um um so the whole idea we came up with AGT was everyone is building agents, and the the year of playing around, having fun demos, it's gone. I think this is a time when everyone is getting very serious. So are the laws around it, like the laws ei stopped there this Colorado act which is saying that, hey, tightening the rules around usage of AI, usage of LLMs, usage of agents, and everyone wants some kind of governance. So came in from Microsoft saying that, hey, you still don't have to worry about, keep going, build your agents, and we can actually take care of all of these things for you if you use a so you get it for free. Um, and there is open source, multi-language, and I think it works with Google, Amazon, Microsoft, everywhere actually, all kind of frameworks. So it's in a good shape now. I think the next step which we are uh going into is, first, like I said, we want to give it to the standards so that this is for everyone, it's not tied up to one uh so like the way you have MCP and goose and other stuff sitting at a it will be just sitting there.
So it's like governance is like also one of the standards. Second thing is like we also are partnering with a lot of uh runtime and uh confidential compute and other spaces, trying to see that depending on like what kind of trust you really want in your agent production. We bring you, like for example, if your agents are like going to make super important financial decisions, the you we are working with the hardware companies and GPU companies saying that, hey, if AGT plus some of these things come together, you give you the best trust possible running your agent, so you don't still have to worry about those things. That's actually in the works, and looking forward to all the contributions from the maintainers, like our contributors, everyone. I think, you know, that's the most fun, that is something which I really enjoy, when people come together and build this community.
AGT is a community. Within a month we have was looking at the latest uh live statistics. It said uh 88 plus contributors. Wow. Which is like awesome number. Within a month, and we launched it, uh and there are more than 300,000 downloads of our packages in a month for something as new as this. If I go to Gemini or um or ChatGPT or Claude and I ask what is the number one open-source governance framework, it says AGT, and that's like awesome to be in. So yes, very uh very happy with how the community has adopted, community has contributed, and like how we are building our ecosystem around it.
This is amazing. Thank you for doing this hard work. We need it. So we appreciate you. We appreciate you. Thanks for being here. Imran, where can people reach you online?
Absolutely. I love uh people reaching online. Here I have my uh Twitter ID as well as the LinkedIn ID.
Perfect. Perfect. Okay. Well, I feel like we probably have a lot of questions on the chat, too. So, we'll take a look at those. Uh, if we don't answer to you right away, don't be discouraged. I am going to get you an answer. Do not reply to those comments.
Uh, but I know Imran is actually going to be monitoring the chat as well at the same time. So, if you're interested in contributing to a project, you know what to do: go to the repository, leave a star, start a conversation. But I think whether you are running a big project, a small project, we need to start caring about governance in the way that we work with our agents. So this is very timely. I think it's relevant for all of us. So so great that it's open source and it's free and for all.
So that's awesome. Yes. Awesome. Thank you, Imran. Appreciate you coming to Open Source Friday. You'll have to come back in a couple of months and let us know what's going on with AGT next.
Absolutely. Would love to. Thank you so much. Thanks a lot. Bye.
Okay, that is awesome. Thank you so much for joining this Open Source Friday. Don't forget to leave your questions and comments in the chat. You know, I read every single one of them. Go by, star this repo, and more importantly learn what's in it because this is