Govern
How to Govern AutoGen Agents
AutoGen enables multi-agent conversations that execute code and call APIs. Cordum ensures every action passes through policy checks before execution.
The problem with ungoverned AutoGen agents
- Agents negotiate in free-form conversation. The code executor runs whatever they agree on.
- Group chat managers route messages but do not enforce access control between agents.
- Code execution is powerful and dangerous without governance. An agent can run arbitrary Python.
- Audit trails are conversation logs, not structured policy decisions.
How Cordum governs AutoGen
1
Route AutoGen tasks through Cordum
Submit conversations as Cordum jobs. Safety Kernel evaluates requested actions before dispatch.
const job = {
type: "autogen.group_chat.run",
payload: {
group: "code-review-team",
agents: ["analyst", "reviewer", "executor"],
capabilities: ["code-exec", "file-read", "file-write"],
},
};
await cordumClient.jobs.submit(job);2
Gate code execution with policies
Define policies that check what capabilities are requested before agents run.
3
Constrain agent scope
ALLOW_WITH_CONSTRAINTS for sandboxed execution with limited network and output size.
4
Structured audit for conversations
Every policy decision logged with requesting agent, action, matching rule, and outcome.
AutoGen native vs Cordum governance
| Area | AutoGen Native | With Cordum |
|---|---|---|
| Pre-execution safety | Code executor runs without policy gate | Safety Kernel evaluates before execution |
| Agent-level permissions | No enforcement | Per-agent policy rules by role and capability |
| Code execution constraints | Docker container isolation only | Policy-defined scope limits + container isolation |
| Approval workflows | human_input_mode for manual intervention | Declarative approvals tied to policy rules |
| Audit trail | Conversation logs | Structured decision log with policy evidence |
FAQ
Does Cordum work with AutoGen code executor?
Yes. Cordum governs the job. The executor runs normally inside the worker.
Can I still use human_input_mode?
Yes. Cordum approval workflows complement AutoGen human input modes.
Related guides
Ready to govern your AutoGen agents?
Start with the open-source Cordum platform. Add policies, approvals, and audit trails in minutes.