v0.15.0Package availableAGT / AAIF compatibleRTGOV conformance section

Runtime Governance Records

Record portable signed evidence of agent runtime governance decisions — policy evaluations, safety checks, compliance gates, capability constraints, and mode transitions. Works with any governance runtime: AGT, AAIF, and custom managed agent platforms.

Package: @peac/adapter-runtime-governance — Conformance Section 27 RTGOV-001..007

Observer scope

PEAC records what your governance runtime reported happened. It does not enforce policies, evaluate safety, score agents, or replace your governance layer. The runtime owns the decision; PEAC makes the decision verifiable outside the system that made it.

What gets recorded

The runtime governance profile covers six record families under theorg.peacprotocol/runtime-governance namespace. Each event maps to one of the six type URIs in the extension registry.

Type URI	When to emit
org.peacprotocol/runtime-governance-policy-decision	The governance runtime reported a policy decision for an action, tool call, or capability request
org.peacprotocol/runtime-governance-audit-entry	A governance audit-log entry was recorded during a session
org.peacprotocol/runtime-governance-authority-scope	An authority or capability scope was reported for an agent or session
org.peacprotocol/runtime-governance-lifecycle-event	The agent runtime reported a lifecycle event such as a mode or state change
org.peacprotocol/runtime-governance-trust-observation	The runtime reported a trust signal, preserved verbatim (PEAC does not compute or rank trust)
org.peacprotocol/runtime-governance-compliance-observation	The runtime reported a compliance observation, never an authoritative determination

Install

pnpm add @peac/adapter-runtime-governance @peac/protocol

Basic Usage

The adapter accepts your runtime's governance event output and maps it to a structured PEAC record. Pass the record to issue()with your signing key to produce a compact JWS.

import {
  normalizeRuntimeGovernanceEvent,
  issueRuntimeGovernanceRecord,
} from '@peac/adapter-runtime-governance';
import { generateKeypair } from '@peac/crypto';

const { privateKey } = await generateKeypair();

// Normalize your governance runtime's output into a runtime-governance event
const event = normalizeRuntimeGovernanceEvent({
  provider: 'your-governance-runtime',
  occurred_at: new Date().toISOString(),
  payload: {
    family: 'policy_decision',
    action: 'tool.call',
    matched_rule: 'agent-safety-v2',
    reason: 'scope_permitted',
  },
});

// Issue a signed runtime-governance record (compact JWS)
const { jws } = await issueRuntimeGovernanceRecord(event, {
  iss: 'https://governance.example.com',
  privateKey,
  kid: 'peac-2026-03',
});

// Carry jws in a PEAC-Receipt header or A2A metadata
console.log(jws);

Record shape

Each record carries governance-specific fields inside the extension block. All identifiers are opaque references — no raw policy text, agent identity strings, or runtime-internal data is stored inline.

// Decoded JWS payload (the typ header "interaction-record+jwt" lives in the JOSE header)
{
  "peac_version": "0.2",
  "kind": "evidence",
  "type": "org.peacprotocol/runtime-governance-policy-decision",
  "iss": "https://governance.example.com",
  "iat": 1747008000,
  "jti": "rg-9f2c1a7b",
  "pillars": ["safety", "compliance"],
  "extensions": {
    "org.peacprotocol/runtime-governance": {
      "provider": "your-governance-runtime",
      "action": "tool.call",
      "matched_rule": "agent-safety-v2",
      "reason": "scope_permitted",
      "upstream_artifact": {
        "source_system": "your-governance-runtime",
        "source_event_id": "evt-2026-06-01-001"
      }
    }
  }
}

The upstream_artifact block preserves the raw source attribution from the governance runtime without synthesizing additional semantics.

Microsoft AGT / AAIF Compatibility

The adapter ships a mapper, mapAgtEvent, for Microsoft AGT runtime governance events. It normalizes those events into the six canonical runtime-governance families below, preserving the upstream source attribution verbatim.

org.peacprotocol/runtime-governance-policy-decision

A governance policy decision reported by the runtime

org.peacprotocol/runtime-governance-audit-entry

A governance audit-log entry recorded during a session

org.peacprotocol/runtime-governance-authority-scope

An authority or capability scope reported for an agent

org.peacprotocol/runtime-governance-lifecycle-event

A runtime lifecycle event such as a mode or state change

org.peacprotocol/runtime-governance-trust-observation

A trust signal preserved verbatim (not computed by PEAC)

org.peacprotocol/runtime-governance-compliance-observation

A compliance observation, never an authoritative determination

import { mapAgtEvent, issueRuntimeGovernanceRecord } from '@peac/adapter-runtime-governance';
import { generateKeypair } from '@peac/crypto';

const { privateKey } = await generateKeypair();

// Map a Microsoft AGT governance event into a runtime-governance event
const event = mapAgtEvent(agtEvent);

const { jws } = await issueRuntimeGovernanceRecord(event, {
  iss: 'https://governance.example.com',
  privateKey,
  kid: 'peac-2026-03',
});

Upstream artifact preservation

PEAC never synthesizes governance outcomes from incomplete data. Theupstream_artifact block is required on all RTGOV records and preserves the source runtime's attribution without interpretation.

No finality synthesis

A policy evaluation "allowed" record does not mean the action was taken. The governance runtime owns that decision.

Opaque refs only

Policy documents, agent identities, and capability names must be referenced by opaque URN or DID — never inlined.

No synthesized outcomes

Decisions and outcomes are preserved as the runtime reported them. PEAC does not synthesize, default, or rank them.

Conformance — Section 27 (RTGOV)

Seven requirements cover the observable emitted-record semantics for runtime governance records.

ID	Requirement
RTGOV-001	All runtime-governance records use the evidence kind
RTGOV-002	Type URIs use the org.peacprotocol/runtime-governance- prefix
RTGOV-003	The extension namespace is org.peacprotocol/runtime-governance
RTGOV-004	A provider field is present in the extension and is never empty
RTGOV-005	Upstream integrity artifacts are preserved as opaque strings
RTGOV-006	PEAC must not derive, recompute, rank, or authoritatively assess trust
RTGOV-007	Compliance observations are observational, never authoritative determinations

Resources

npm package

@peac/adapter-runtime-governance

Source code

packages/adapters/runtime-governance

Conformance spec

Section 27 RTGOV-001..007

Adapters overview

All adapters and profiles

Add governance evidence to your agent platform

Install @peac/adapter-runtime-governance and map your existing governance events to portable PEAC records without changing your policy engine.

View examples All adapters

← Back to Adapters