AI Agent Governance Glossary
Clear, citable definitions for the terms that matter when you govern autonomous AI agents — the control plane, the safety kernel, the patterns, and the protocols.
Governance & Control
AI Agent Governance
AI agent governance is the practice of enforcing policy, approvals, and audit over the actions autonomous AI agents take — controlling which tools they call, what data they touch, and which side effects they cause in production systems.
Agent Control Plane
An agent control plane is the governance layer that sits between autonomous AI agents and the real systems they act on, evaluating policy before every action, routing high-risk operations to human approval, and recording an audit trail of every decision.
Safety Kernel
A safety kernel is the policy decision point of an agent control plane — a dedicated service that evaluates every agent action before dispatch and returns a decision such as ALLOW, DENY, REQUIRE_APPROVAL, or ALLOW_WITH_CONSTRAINTS.
Policy-Before-Dispatch
Policy-before-dispatch is the enforcement model where an agent's action is evaluated against policy and approved before it executes, rather than being observed or logged after the fact.
Deterministic AI Control
Deterministic AI control means governing agent actions with explicit, rule-based policy that produces the same decision for the same input every time — as opposed to relying on a probabilistic model to judge whether an action is safe.
Agent Sprawl
Agent sprawl is the uncontrolled proliferation of AI agents across an organization — many teams deploying agents with overlapping capabilities, inconsistent permissions, and no central inventory or policy — creating governance and security gaps.
LLM-as-a-Judge
LLM-as-a-judge is a technique that uses a language model to evaluate outputs — scoring quality, checking criteria, or comparing responses — in place of a human rater or a fixed rule. It is well-suited to grading subjective quality, but its probabilistic nature makes it a poor fit for enforcing safety decisions.
Policy as Code
Policy as code is the practice of defining governance rules in versioned, machine-readable files rather than prose or scattered configuration, so policy can be reviewed, tested, signed, and applied consistently and automatically.
Architecture & Protocol
Model Context Protocol (MCP)
The Model Context Protocol (MCP) is an open standard, introduced by Anthropic, for connecting AI models to external tools and data sources through a uniform interface for tool discovery and invocation.
A2A (Agent-to-Agent)
A2A (agent-to-agent) refers to protocols and patterns for autonomous AI agents to communicate, delegate work, and coordinate with one another directly, rather than only interacting with a single human user or model.
Cordum Agent Protocol (CAP)
The Cordum Agent Protocol (CAP) is the canonical wire contract between agents and the Cordum control plane — a protobuf-defined message format that carries job requests, results, heartbeats, and governance metadata so platform behavior can be governed and audited consistently.
Safety & Reliability Patterns
LLM Guardrails
LLM guardrails are controls that constrain a language model's inputs and outputs — filtering prompts, validating responses, and blocking unsafe content — to keep generated text within acceptable bounds.
Agentic Security
Agentic security is the discipline of securing autonomous AI agents against the new risks they introduce — unsafe tool use, excessive permissions, prompt injection that triggers actions, and unbounded side effects — by governing what agents can do, not just what they can say.
Human-in-the-Loop (HITL)
Human-in-the-loop (HITL) is a control pattern where an autonomous AI agent pauses for explicit human approval before executing a high-risk action, so a person reviews and authorizes the operation before any side effect occurs.
Saga Pattern (for AI Agents)
The saga pattern is a way to manage multi-step agent workflows so that if a later step fails, earlier steps are undone through compensating actions — keeping the system consistent without a single distributed transaction.
Fail-Open vs Fail-Closed
Fail-open and fail-closed describe what a governance system does when its policy check is unavailable: fail-open lets actions proceed without a decision, while fail-closed blocks actions until policy can be evaluated.
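The following is an added example (not code from this page or from Cordum) tying together the Safety Kernel, Policy-Before-Dispatch, Deterministic AI Control and Human-in-the-Loop entries above with this one: a rule-based policy decision point that returns ALLOW, DENY, REQUIRE_APPROVAL or ALLOW_WITH_CONSTRAINTS, a dispatch gate that only calls the tool after a decision, and a switch showing how the gate behaves when the kernel is unreachable. The policy schema, tool names, environments and audit fields are constructed for the example and are not any product's real format.

```python
"""Deterministic safety kernel: policy-before-dispatch with fail-closed gating.

Added illustration; the policy schema, tool names and environments are
constructed for this example and are not any product's real format.
"""
from dataclasses import dataclass, field
from typing import Callable, Optional

ALLOW = "ALLOW"
DENY = "DENY"
REQUIRE_APPROVAL = "REQUIRE_APPROVAL"
ALLOW_WITH_CONSTRAINTS = "ALLOW_WITH_CONSTRAINTS"

# Constructed rule set. Rules are matched top to bottom, the first match wins,
# and an action that matches nothing is denied. No model is consulted, so the
# same action always yields the same decision.
POLICY = [
    {"tool": "db.query", "env": "prod", "decision": ALLOW_WITH_CONSTRAINTS,
     "constraints": {"read_only": True, "max_rows": 1000}},
    {"tool": "db.delete", "env": "prod", "decision": REQUIRE_APPROVAL},
    {"tool": "shell.exec", "env": "*", "decision": DENY},
    {"tool": "*", "env": "staging", "decision": ALLOW},
]


@dataclass(frozen=True)
class Action:
    agent_id: str
    tool: str
    env: str
    args: dict


@dataclass(frozen=True)
class Decision:
    outcome: str
    rule_index: Optional[int]          # matched rule, recorded for the audit trail
    constraints: dict = field(default_factory=dict)


class KernelUnavailable(Exception):
    """Raised when the policy decision point cannot be reached."""


def evaluate(action: Action, policy=POLICY) -> Decision:
    """Policy decision point: a pure function of (action, policy)."""
    for i, rule in enumerate(policy):
        if rule["tool"] in (action.tool, "*") and rule["env"] in (action.env, "*"):
            return Decision(rule["decision"], i, dict(rule.get("constraints", {})))
    return Decision(DENY, None)  # default deny


def dispatch(action: Action, execute: Callable, kernel=evaluate,
             fail_closed: bool = True, approved: bool = False, audit=None):
    """Policy-before-dispatch gate.

    execute(action, constraints) is called only after the kernel has allowed
    the action. Returns (decision, result); result is None when nothing ran.
    """
    audit = audit if audit is not None else []
    kernel_down = False
    try:
        decision = kernel(action)
    except KernelUnavailable:
        kernel_down = True
        # Fail-closed blocks until policy can be evaluated; fail-open proceeds
        # with no real decision, which is the gap the glossary entry describes.
        decision = Decision(DENY if fail_closed else ALLOW, None)

    may_run = decision.outcome in (ALLOW, ALLOW_WITH_CONSTRAINTS) or (
        decision.outcome == REQUIRE_APPROVAL and approved)   # human-in-the-loop
    result = execute(action, decision.constraints) if may_run else None

    audit.append({
        "agent": action.agent_id, "tool": action.tool, "env": action.env,
        "outcome": decision.outcome, "rule": decision.rule_index,
        "kernel_unavailable": kernel_down, "approved": approved,
        "executed": may_run,
    })
    return decision, result
```

Rule order matters: the blanket deny on shell.exec sits above the staging wildcard, so a staging shell call is still denied. A REQUIRE_APPROVAL action is recorded but not executed until the gate is re-entered with approved=True, and every call through dispatch produces an audit record whether or not the tool ran.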
Idempotency Keys
An idempotency key is a caller-supplied token that lets a system recognize and de-duplicate retried requests, so submitting the same agent action twice produces one effect instead of two.
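The following is an added example (not code from this page or from Cordum) covering the Saga Pattern entry above together with this Idempotency Keys entry: a multi-step workflow runner that undoes completed steps through compensating actions when a later step fails, and an executor that de-duplicates retried steps by a deterministic idempotency key. The workflow, step names and in-memory "side effects" are constructed for the example.

```python
"""Saga-style agent workflow with compensating actions and idempotency keys.

Added illustration; the workflow, step names and in-memory side effects
are constructed for this example, not taken from any real system.
"""
import hashlib
from dataclasses import dataclass
from typing import Callable


class StepFailed(Exception):
    """A step could not complete; triggers compensation of earlier steps."""


@dataclass
class Step:
    name: str
    do: Callable[[], object]      # forward action with a side effect
    undo: Callable[[], None]      # compensating action that reverses it


def step_key(workflow_id: str, step_name: str) -> str:
    """Idempotency key derived from the workflow run and the step, so a retry
    of the same step in the same run presents the same key."""
    return hashlib.sha256(f"{workflow_id}:{step_name}".encode()).hexdigest()[:16]


class IdempotentExecutor:
    """Remembers each key's result so a retried request produces one effect."""

    def __init__(self):
        self._results = {}

    def run(self, key: str, fn: Callable[[], object]):
        if key in self._results:
            return self._results[key]   # duplicate: no second side effect
        result = fn()
        self._results[key] = result
        return result


def run_saga(workflow_id: str, steps, executor: IdempotentExecutor):
    """Run steps in order; on failure undo the completed ones in reverse.

    Returns (succeeded, names_of_steps_that_ran_forward).
    """
    completed = []
    for step in steps:
        try:
            executor.run(step_key(workflow_id, step.name), step.do)
        except StepFailed:
            for done in reversed(completed):
                done.undo()
            return False, [s.name for s in completed]
        completed.append(step)
    return True, [s.name for s in completed]


def demo_failed_saga():
    """Three-step workflow whose last step fails; state must end unchanged."""
    state = {"budget": 100, "tickets": []}

    def reserve():
        state["budget"] -= 30
        return "reserved"

    def release():
        state["budget"] += 30

    def create_ticket():
        state["tickets"].append("T-1")
        return "T-1"

    def delete_ticket():
        state["tickets"].remove("T-1")

    def notify():
        raise StepFailed("notification channel unavailable (simulated)")

    steps = [Step("reserve", reserve, release),
             Step("ticket", create_ticket, delete_ticket),
             Step("notify", notify, lambda: None)]
    ok, ran = run_saga("wf-42", steps, IdempotentExecutor())
    return ok, ran, state


def demo_retry():
    """The same step submitted twice with the same key runs its effect once."""
    calls = {"n": 0}

    def charge():
        calls["n"] += 1
        return "charge-1"

    ex = IdempotentExecutor()
    key = step_key("wf-7", "charge")
    first, second = ex.run(key, charge), ex.run(key, charge)
    return first, second, calls["n"]
```

Compensating actions should themselves be safe to repeat, since a crash during compensation will be retried; in a real system the executor's result store would be durable and shared, not an in-memory dict.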
Audit & Observability
Agent Audit Trail
An agent audit trail is a tamper-evident record of every governance decision and action an AI agent took — what it attempted, which policy decided the outcome, who approved it, and what resulted — kept for compliance, forensics, and accountability.
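The following is an added example (not code from this page or from Cordum) of one way to make an audit trail tamper-evident: each record's hash commits to the previous record's hash, so editing or removing an earlier record breaks verification. The record fields are constructed for the example.

```python
"""Hash-chained audit trail: each record commits to the previous one, so
editing or deleting a record breaks verification.

Added illustration; the record fields are constructed, not a real schema.
"""
import hashlib
import json

GENESIS = "0" * 64


def _record_hash(prev_hash: str, entry: dict) -> str:
    # Canonical JSON so the same entry always hashes the same way.
    payload = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()


class AuditTrail:
    def __init__(self):
        self.records = []

    def append(self, **entry) -> str:
        prev = self.records[-1]["hash"] if self.records else GENESIS
        h = _record_hash(prev, entry)
        self.records.append({"entry": entry, "prev": prev, "hash": h})
        return h

    def verify(self):
        """Return (True, None) if intact, else (False, index_of_first_bad_record)."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            if rec["prev"] != prev or _record_hash(prev, rec["entry"]) != rec["hash"]:
                return False, i
            prev = rec["hash"]
        return True, None


def build_sample_trail() -> AuditTrail:
    """Constructed sample: three governance decisions for one agent."""
    trail = AuditTrail()
    trail.append(agent="agent-7", tool="db.query",
                 outcome="ALLOW_WITH_CONSTRAINTS", approver=None)
    trail.append(agent="agent-7", tool="db.delete",
                 outcome="REQUIRE_APPROVAL", approver=None)
    trail.append(agent="agent-7", tool="db.delete",
                 outcome="ALLOW", approver="oncall@example.test")
    return trail
```

The chain detects edits and deletions in the middle, but not truncation at the tail: dropping the newest record leaves a valid shorter chain. To close that gap, the head hash has to be anchored somewhere the writer cannot rewrite, for example signed and published periodically or mirrored to a separate append-only store.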
Agent Observability
Agent observability is the ability to see what autonomous AI agents are doing in production — the actions they attempt, the decisions applied, the approvals they trigger, and the outcomes — so operators can monitor, debug, and govern agent behavior.