Governance infrastructure for AI agents.
HUMMBL builds small, inspectable control-plane primitives for agentic systems: delegation tokens, append-only receipts, kill switches, circuit breakers, capability fences, source-verification gates, and review workflows that create evidence while the system runs.
The bias is explicit:
- libraries over platforms — controls should live in the execution path, not only in a dashboard after the fact
- receipts over vibes — every governance claim should leave an audit trail
- stdlib-first primitives — core safety controls should survive constrained, regulated, and air-gapped environments
- human override preserved — automation assists governance; it does not become the sovereign
pip install hummbl-governance
| Need | Repository |
|---|---|
| Runtime governance primitives | hummbl-governance |
| Mental-model substrate | base120 |
| Source-verification gate | evidence-gate |
| Code quality and governance scoring | arbiter |
| MCP access to HUMMBL models and skills | mcp-server |
| Agent orchestration patterns | hummbl-agent |
| Research and citation corpus | hummbl-bibliography |
| Public profile, tools, and repo inventory | hummbl-dev |
New contributors should start with hummbl-governance, base120, arbiter, mcp-server, or hummbl-agent, depending on whether they want runtime controls, mental-model infrastructure, code review automation, MCP interfaces, or orchestration patterns.
| Category | Repositories |
|---|---|
| Governance primitives | hummbl-governance, agent-governance-demo, evidence-gate |
| Agent systems | hummbl-agent, mcp-server, hummbl-iac |
| Review and quality | arbiter, source-verification rules, governed PR review workflows |
| Cognitive substrate | base120, hummbl-theory, hummbl-bibliography, arcana |
| Product and applied research | fractional-bench, coaching, hummbl-production |
| Public tools and content | hummbl-dev, static readiness tools, research essays, public profile assets |
| Experimental public repos | autoresearch, governed-compression, sint-protocol, bif |
Some repositories are private while they contain operator workflows, client-sensitive research, or active product work. Public repositories are the durable reference surface.
Contribution process and accepted contribution types are documented in CONTRIBUTING.md. Some repositories are internal-only; open an issue in the target repo before submitting a PR.
Governance is not a policy PDF. It is a runtime property:
- Who is acting? Agent identity, trust tier, and delegation scope.
- What authority do they have? Signed capability tokens and bounded tools.
- What happened? Append-only receipts, bus messages, and evidence logs.
- What should stop the system? Kill switches, circuit breakers, cost governors, and review gates.
- What can be audited later? Source manifests, PR reviews, test evidence, and structured findings.
That is the spine across the org: small primitives that make governance observable, testable, and reviewable.
Inventory captured on 2026-05-08:
| Metric | Count |
|---|---|
| Total repositories | 54 |
| Active public repositories | 35 |
| Active private repositories | 17 |
| Archived repositories | 20 |
| Primary language family | Python-heavy, with TypeScript, HTML, Shell, TeX, Go templates, Java |
Latest repo inventory: docs/GITHUB_REPO_INVENTORY_2026-05-08.md
Latest branch cleanup audit: docs/BRANCH_CLEANUP_AUDIT_2026-05-08.md
Current archive posture: docs/ARCHIVE_POSTURE_2026-05-13.md
Archived repo retention tracker: docs/ARCHIVED_REPO_RETENTION_2026-05-13.md
Merge queue issue-closure semantics: docs/MERGE_QUEUE_ISSUE_CLOSURE.md
HUMMBL's public thesis is that AI governance will move from abstract policy to runtime evidence. The research corpus tracks:
- AI-generated code risk and liability
- agentic control-plane design
- source verification before publication
- governance receipts and audit trails
- mental-model infrastructure for agent reasoning
- practical compliance mapping across NIST AI RMF, ISO 42001, EU AI Act, OWASP, and related frameworks
Useful entry points:
- AI slop crisis research corpus
- Why libraries, not platforms
- Reasonable care in the age of AI agents
- The observability argument
Free self-assessments and references:
| Tool | Purpose |
|---|---|
| Tool index | Landing page for the public tools in this repo |
| EU AI Act readiness | Governance posture check |
| NIST AI RMF readiness | Framework-aligned assessment |
| ISO 42001 readiness | AI management system checklist |
| Singapore agentic AI readiness | Agent governance architecture assessment |
| Colorado AI Act readiness | State-level algorithmic decision compliance |
| Compliance calendar | AI governance timeline |
| Governance crosswalk | Framework comparison |
This repository is the HUMMBL organization profile, public documentation surface, and static tool portfolio. It does not currently run GitHub Actions because there is no build step, package release, or testable runtime in this repo.
Validation is manual for now:
- Review Markdown changes in rendered GitHub preview.
- Open changed HTML tools locally in a browser before publication.
- Keep executable code, packages, and service workflows in their dedicated project repositories, where CI is configured per repo.
If this repository gains generated assets, JavaScript modules, or release automation, add the smallest useful CI workflow for that surface.
HUMMBL, LLC is founded by Reuben Bowlby in Atlanta, GA.
- Site: hummbl.io
- Email: reuben@hummbl.io
- Package:
hummbl-governanceon PyPI
Governed agents need receipts, not slogans.