Deploying AI agents in production? This series is about the engineering of AI governance: the technical controls, runtime guardrails, and audit infrastructure that turn policy into something you can actually ship. Sandboxing, policy-as-code, agent-native telemetry, least-privilege identity, all with real code examples using Microsoft’s open-source Agent Governance Toolkit, honest gap analysis, and no vendor spin.
The EU AI Act is the regulatory backbone: its Article 50 transparency rules become enforceable on August 2, 2026, while the Digital Omnibus agreement moves the high-risk obligations to December 2, 2027 (stand-alone systems) and August 2, 2028 (product-embedded systems), subject to final adoption. But the through-line here is broader: governance you can deploy, in Europe and beyond. Policies are not controls. This series is about the controls.
Written by Carlos Hernandez, founder of GenAI Gurus, Europe’s GenAI practitioner community, a contributor to the Microsoft Agent Governance Toolkit, and a contributor to AgenTrust, a new open-source stack for governed, provable agent execution, where I focus on embodied AI in industrial environments. For a curated index of EU AI Act tools, official sources, and templates, see Awesome EU AI Act.
The Series
| # | Post | Status |
|---|---|---|
| 1 | EU AI Act for AI Agent Developers: A Practical Compliance Checklist | Published |
| 2 | How to Run Coding Agents Safely in the Enterprise | Published |
| 3 | When Autonomous AI Agents Control Robots: The Real Threats No Safety System Detects | Published |
| 4 | Verifiable Trust for AI Agents That Control Robots: A Working Example with AgenTrust | Published |
| 5 | The Cloud Can Prove It. The Robot Can’t. | Published |
| 6 | Proof of Outcome: Did the Robot Actually Do It? | Published |
| 7 | Trust at Fleet Scale: The Skill That Spreads | Published |
| 8 | Trusting the Skills You Didn’t Write | Published |
| 9 | Signed Is Not Trustworthy: Grading the Evidence Behind a Robot’s Action | Published |
| 10 | Code Is No Longer the Bottleneck. Verification Is: A Survey of AI-Native Software Delivery in 2026 | Coming soon |
| 11 | From NIM to Jetson: A NeMo Guardrails Configuration Pack for Production Inference | Coming soon |
| 12 | Open Weights, Real Obligations: Governing GPAI Models You Deploy but Didn’t Train | Coming soon |
| 13 | Sovereign AI Infrastructure: Governance Patterns for On-Prem and European Cloud | Coming soon |
| 14 | The Contributor Journey: Building an Open-Source Agent Governance Layer | Coming soon |
Posts
-
This Week, AI Governance Moved Into the Runtime
-
Signed Is Not Trustworthy: Grading the Evidence Behind a Robot's Action
-
Trusting the Skills You Didn't Write
-
Trust at Fleet Scale: the Skill That Spreads
-
Proof of Outcome: Did the Robot Actually Do It?
-
The Cloud Can Prove It. The Robot Can't.
-
Verifiable Trust for AI Agents That Control Robots: A Working Example with AgenTrust
-
When Autonomous AI Agents Control Robots: The Real Threats No Safety System Detects
-
How to Run Coding Agents Safely in the Enterprise
-
EU AI Act for AI Agent Developers: A Practical Compliance Checklist
subscribe via RSS