{"slug": "agent-kits-compliance-scanner", "title": "Agent Kits – Compliance Scanner", "summary": "Agent Kits released a Compliance Scanner tool that analyzes AI agent system prompts against Microsoft's published agent-governance guidance, providing pass/fail gates and risk assessments. The deterministic scanner processes prompts on the edge without storing or sending them to any model, complementing platform-enforced controls like Entra ID and Purview.", "body_md": "Scored against Microsoft's published guidance · AgentAz™ companion\n\n# Compliance Scanner\n\nPaste an agent's system prompt or its `agentaz.json` and scan it against Microsoft's published agent-governance guidance, with the AgentAz™ companion mapping that shows how each control is met at the prompt layer. Pass/fail gates, failure scenarios, a risk radar, and a copy-paste fix block. Deterministic, and your prompt is processed to produce the result, then discarded — never stored or sent to a model.\n\nScored against Microsoft's published agent-governance guidance, with the AgentAz™ companion mapping. Deterministic — same input, same result. Your prompt is processed on our edge to produce the result and is never stored, logged, or sent to any model.\n\n## What it scores against\n\nThe scanner maps your agent to the design-layer controls in Microsoft's published guidance for AI agents — the Cloud Adoption Framework's governance and security recommendations, the Responsible AI principles, and the agentic maturity model. Each Microsoft control is shown with its **AgentAz™ companion**: the spec field that satisfies it at the prompt layer.\n\n## What it can't see (on purpose)\n\nA system-prompt scan only assesses the design layer. Microsoft's platform-enforced controls — Entra ID identity, Purview data-loss prevention, runtime threat detection — are marked *platform, out of scope* rather than guessed at. 
This complements those controls; it doesn't replace them.\n\n## Why deterministic, not an LLM\n\nA governance check you can't reproduce isn't a check. The default scan uses fixed rules and the same risky-tool vocabulary the runnable `run.py` demos enforce, so the same input always produces the same verdict. It never auto-executes or contacts a model.", "url": "https://wpnews.pro/news/agent-kits-compliance-scanner", "canonical_source": "https://www.agent-kits.com/scan", "published_at": "2026-06-27 23:19:26+00:00", "updated_at": "2026-06-27 23:34:35.462693+00:00", "lang": "en", "topics": ["ai-safety", "ai-policy", "ai-tools", "ai-ethics"], "entities": ["Agent Kits", "Microsoft", "AgentAz", "Cloud Adoption Framework", "Entra ID", "Purview"], "alternates": {"html": "https://wpnews.pro/news/agent-kits-compliance-scanner", "markdown": "https://wpnews.pro/news/agent-kits-compliance-scanner.md", "text": "https://wpnews.pro/news/agent-kits-compliance-scanner.txt", "jsonld": "https://wpnews.pro/news/agent-kits-compliance-scanner.jsonld"}}