Static governance for identity, rules, skills, and guidance.
This page defines the static governance layer: who the agent is, what it can use, what rules it follows, and how those choices are released.
Know exactly what is governed before mission control and task execution are introduced.
Treat identity as trust, not just a label.
Identity covers practical trust surfaces: enrollment, keys, ownership, and which client is speaking.
Stable identifiers for each agent and the workspace it belongs to.
SSH, API keys, and other enrollment material needed to trust the client.
Who enrolled the agent and who can rotate or revoke access.
What the control plane expects versus what the client reports.
Scoped rules make inheritance obvious.
Rules are the hard or soft behavior layer: scannable, scoped, and explainable.
Non-negotiable boundaries with clear enforcement.
Useful defaults and preferences that can be overridden.
Global, team, project, workspace, agent, with visible overrides.
Every change has a version and a reason.
Skills stay separate from rules and guidance.
Skills are folder-based work units. Keep them portable, versioned, and easy to inspect.
SKILL.md, scripts, references, and assets in one package.
A team can maintain internal skill sets without turning them into policy.
Pin, enable, disable, or roll back a skill version.
The same artifact can be mapped to different runtimes when supported.
Downstream pages for trust, policy, skill packaging, and guidance.
Move from governance into focused pages for each managed object.