Agent Control Specification ACS AI Agent Governance Guide
Agent Control Specification ACS AI agent governance is a portable way to apply policy checks while an agent runs, not just before it starts. ACS defines standard intervention points, policy manifests, evidence inputs, and auditable verdicts so teams can govern tool use, approvals, data handling, and shutdown behavior across agent frameworks. What Is the Agent Control Specification (ACS)? Agent Control Specification is an open, vendor-neutral runtime governance standard for AI agents that defines where policy decisions happen and what evidence those decisions receive. Microsoft describes ACS as framework-independent, and its published model names eight intervention points, including pre_model_call, pre_tool_call, post_tool_call, and output. The practical idea is simple: instead of hiding safety rules inside prompts, SDK callbacks, or one-off middleware, ACS makes agent governance a portable contract. A host runtime supplies a snapshot of the agent state, tool metadata, annotations from evidence providers, and the policy target. A policy engine returns a verdict such as allow, warn, deny, or escalate. For developers, ACS is closest to policy-as-code for autonomous systems. The takeaway: ACS standardizes runtime control so security teams can review one governance model across many agent implementations. ...