ProofAgent: An Enterprise-Grade Controlled Agent Framework and Governance Platform

ProofAgent is a controlled agent framework designed to address the governance challenges of enterprise AI Agents. Its core is the Harness control layer, which inserts policy decision points at key steps to enable workflow governance, policy execution, tool management, and full auditing. It fills the governance gap in traditional Agent frameworks (such as LangChain and LangGraph), helping enterprises balance the explosion of AI capabilities with risk control and supporting incremental integration with existing infrastructure.

Background: Governance Challenges of Enterprise-Grade Agents

With the explosion of large language model capabilities, AI Agents are moving toward production deployment, but enterprise applications impose strict requirements on Agents:

• Auditability: Answers must trace back to sources and decision-making basis
• Policy Compliance: Behaviors comply with enterprise policies, no non-compliant content or unauthorized operations
• Risk Control: Tool invocations require approval, sensitive operations need manual confirmation
• Quality Assurance: Answers have reliable evidence, no hallucinations or fabricated information
• Memory Boundaries: Session data storage complies with privacy regulations Traditional frameworks provide orchestration capabilities, but governance relies on developers to implement on their own—ProofAgent was created to address this.

Core Concepts and Architecture Design

Harness Control Layer

The core of ProofAgent is "Harness Engineering"—wrapping a control layer around the Agent execution flow and inserting key policy decision points:

• Mandatory Retrieval: Knowledge retrieval must be performed before answering
• Evidence Evaluation: Assess the quality of retrieval results; reject or escalate if insufficient
• Mandatory Citation: Answers with evidence must include sources
• Tool Approval: Explicit approval before invocation, supporting manual intervention
• Audit Tracking: Complete recording of execution traces

Layered Architecture

• Delivery Layer: CLI/Docker entry points for quick deployment
• Control Plane: Core governance layer (workflow orchestration, policy gating, etc.)
• Runtime Plane: Adaptation boundary for LangGraph/LangChain
• Capability Layer: Implementations of models, knowledge sources, tools, etc.
• Observability Layer: Trace storage, governance receipts, Dashboard API The layered design supports independent upgrades of each component without affecting control policies.

Harness RAG and Agent Contract Configuration

Harness RAG Process

Comparison with ordinary RAG:

• Ordinary RAG: Retrieval → Generation
• Harness RAG: Retrieval → Policy Check → Evidence Evaluation → Policy Check → Generation/Rejection → Tool Approval → Audit Ensure that queries without evidence are rejected, answers include citations, sensitive operations require approval, and traces are reviewable

Declarative Configuration

• agent.yaml: Agent contract (identity, capability parameters)
• policy.yaml: Control policies (evidence thresholds, rejection conditions, etc.)
• tools.yaml: Tool declarations and approval rules
• knowledge/: Directory for business knowledge sources Configuration-driven approach allows non-technical personnel to participate in adjusting governance policies without modifying code.

Enterprise-Grade Q&A Templates and Usage

Q&A Template Examples

• Supported Query: e.g., "Travel meal reimbursement rules" → Retrieve knowledge base + answer with citations
• Rejected Query: e.g., "Next year's customer discount" → Reject/escalate due to insufficient evidence
• Tool-Dependent Query: e.g., "Check customer policy status" → Wait for tool approval Outputs:
• trace.jsonl: Complete execution trace
• governance_receipt.md: Human-readable governance receipt

Technical Implementation

• Local Demo: uv run --extra dev proof-agent demo (compare Plain RAG and Harness RAG)
• Configuration Run: uv run --extra dev proof-agent run examples/enterprise_qa/agent.yaml
• Docker Deployment: docker compose up Developed in Python, supporting multiple operation modes.

Governance Receipts and Applicable Scenarios

Governance Receipts

Generated per run:

• JSONL Trace: Millisecond-level execution records (decision point input/output/reason)
• Markdown Governance Receipt: Summary (query, retrieval results, evidence evaluation, decision path, etc.) Can be used as a basis for compliance audits

Applicable Scenarios

• Financial Compliance Q&A: Investment advice has policy basis
• Medical Knowledge Query: Diagnoses based on authoritative guidelines
• Enterprise Internal Knowledge Base: Control access to sensitive information
• Customer Service Automation: Clarify boundaries between automation and manual escalation
• Regulatory Compliance Assistant: Answers comply with the latest regulations Helps enterprises ensure compliance and risk control in automation.

Project Status and Conclusion

Project Status

• Under active development; v1 provides core framework and enterprise Q&A templates
• Rich documentation: Developer guides, PRDs, technical designs, etc.

Future Vision

Build a complete enterprise Agent control platform, supporting more diverse policies, flexible integration, and governance dashboards

Conclusion

ProofAgent elevates governance, auditing, and policy execution to first-class citizens—moving from "being able to answer" to "being able to prove why it can answer". Its open-source nature allows the community to jointly improve this infrastructure, helping enterprises balance AI capabilities and risks.