Source: Announcing Agent Governance Toolkit MCP Extensions for .NET · Jack Batzner · May 26, 2026
MCP makes connecting tools easy; governing registration, execution, and responses is the harder part. Microsoft.AgentGovernance.Extensions.ModelContextProtocol adds one-call WithGovernance(...) to the official MCP C# SDK: startup scanning, runtime policy, sanitization, audit, and metrics.
Why governance?
Flexibility raises questions: who may call which tool, what if descriptions contain injection, what if definitions change maliciously, what if unsafe output reaches the model? The package replaces ad hoc filters with fail-closed defaults.
Two-phase flow
Startup: Tools scanned before exposure; unsafe definitions fail startup by default (poisoning, typosquatting, hidden instructions, rug pulls, schema abuse, etc.).
Runtime: YAML policies allow/deny/rate-limit by tool name and identity. Denied calls return governed errors.
Sanitization: Text responses scanned for injection tags, override phrasing, credential leaks, exfiltration URLs—redacted before returning to the client.
Defaults enable scanning, fail-on-unsafe, sanitization, fallback handler governance, audit, and metrics out of the box. Integrates with the official builder—no fork required.
For production MCP servers
Use when adding policy to existing servers, blocking unsafe tool metadata at startup, enforcing identity-aware execution, and standardizing governance across org services. Compliance note: technical controls only—you must validate end-to-end against your requirements.