Microsoft introduces a new way to control AI agents

As the capabilities of AI agents expand, enterprises face a new challenge in integrating them into various workflows and products. The core issue is ensuring that an agent performs exactly the assigned task across different environments. Microsoft has announced a new open-source standard called Agent Control Specification (ACS) to address this. This standard allows developers to control the behavior of AI agents more consistently and precisely. This is reported by Techcrunch.com reported by.

The ACS specification allows developers, compliance, and security teams to define custom policies that agents must follow. These rules define what an agent can do, what is prohibited, when human approval is required, and what evidence should be recorded for later review. As an agent performs a task, it is checked at several 'interception points' to ensure it does not exceed defined boundaries.

Currently, developers use system prompts, custom checks in application code, or classifiers to control AI behavior. However, these approaches often lead to fragmented control systems, making them difficult to audit and reuse across different platforms. ACS aims to consolidate these control mechanisms into a common management layer.

According to Microsoft, this specification allows for security checks at several stages of an agent's workflow—before retrieving data, before and after tool invocation, and before sending a final response to the user. Since policy files are written as separate documents, they can be packaged with the agent to ensure consistent security rules across different frameworks and environments.

The new ACS standard is currently provided as an SDK with plugins for popular platforms such as LangChain, OpenAI Agents SDK, Anthropic Agents SDK, AutoGen, CrewAI, and Semantic Kernel. This allows developers to easily add a high-level control and security layer to their existing AI projects.