Open governance protocols
for the agent era.
A family of ten open JSON specifications for declaring what an AI system is, what it does, what it refuses, what evidence it carries, what regulatory class it falls under, and what happens when it fails. Five core specs · two regulated-vertical extensions (EdTech, HealthTech) · one cross-cutting incident-disclosure spec. One MCP server, one visualizer, four live properties. All AGPL-3.0.
The suite at a glance
Each spec carries a top-level <name>_version field. The unified visualizer
auto-detects which spec a document is in by inspecting that field. The MCP server exposes
fetch / validate / inspect / cross-spec-join tools for the seven runtime specs.
AI Tutor Cards
What an AI tutor does (vendor-side)
Classroom AI AUP
What AI use is permitted (district / school / course)
Student AI Disclosure
What the student actually did (per artifact)
A grader, LMS, or compliance checker joins all three: "Is this submission allowed?" → O(1) lookup.
All ten specs
| Spec | What it declares | Detect via | Well-known path |
|---|---|---|---|
| AEO Protocol | Entity declaration · authoritative claims · citation preferences | aeo_version |
/.well-known/aeo.json |
| Prompt Provenance | Versioned, lineaged, reviewable LLM prompt records | provenance_version |
— |
| Agent Cards | Declarative agent capability + refusal disclosure | agent_card_version |
/.well-known/agents/<id>.json |
| AI Evidence Format | Structured citations for LLM-generated claims | evidence_version |
— |
| MCP Tool Cards | Per-tool disclosure for MCP servers | tool_card_version |
/.well-known/mcp-tools/<name>.json |
| AI Tutor Cards EdTech | EdTech vendor-side · pedagogy · FERPA/COPPA/GDPR posture | tutor_card_version |
/.well-known/tutors/<id>.json |
| Student AI Disclosure EdTech | Student-side · roles · prompt evidence · artifact-hash binding | disclosure_version |
— (travels with artifact) |
| Classroom AI AUP EdTech | District / school / course AI policy | aup_version |
/.well-known/ai-aup.json |
| Clinical AI Disclosure HealthTech | HIPAA / FDA / SaMD posture · bias audits · EHR integration | clinical_ai_card_version |
/.well-known/clinical-ai/<id>.json |
| AI Incident Card cross-cutting | "CVE for AI agents" · references every other document | incident_card_version |
/.well-known/ai-incidents/<id>.json |
Two front doors
The unified visualizer is the read-side (human) entry point. The unified MCP server is the tool-side (agent) entry point. Ten specs, two front doors.
kinetic-gain-visualizer
Auto-detects the spec from the top-level *_version field and renders the appropriate procurement-grade view. Eight renderers shipped; Clinical AI + AI Incident Card landing next.
- Visualize — auto-detected procurement-grade UI
- Editor — paste any spec document
- Architecture — the 10-spec map
- Tools — searchable 34-tool MCP catalog
mcp-kinetic-gain
34 tools across 8 specs, v0.4.0, git-tagged. One Claude Desktop / Cursor / MCP-client config entry. The headline tool aup_check_compliance joins an AUP + Student AI Disclosure into a single allow/deny call.
- 61 tests pass · typecheck clean · build clean
- v0.5 in queue — Clinical AI tools + AI Incident Card tools (→ 9 specs / ~42 tools)
Four live properties
Every property is React 19 + TypeScript or hand-written static HTML, AGPL/Apache-2.0, push-to-deploy via GitHub Actions FTPS to Hostinger.
AEO Visualizer
Dedicated visualizer for AEO Protocol declarations. The original Kinetic Gain property.
Open ↗AI Tutor Cards
EdTech vertical landing — vendor disclosure for AI tutors with FERPA/COPPA/GDPR posture.
Open ↗Clinical AI Disclosure
HealthTech vertical landing — HIPAA / FDA / SaMD posture, bias audits, EHR integration.
Open ↗prompt-injection-bench
Visual harness: paste a JSONL transcript, see pass rates by category and severity. Agent-Card refusal-taxonomy back-references.
Open ↗Author
Miz Causevic — Director / Principal Platform Engineering, Boston, MA. ~30 years across IBM, CyberArk, Alteryx, Digital.ai, Gryphon.ai. The entire suite is authored under github.com/mizcausevic-dev in the open. All ten specs are AGPL-3.0 for normative text with unrestricted implementation freedom. Issues and pull requests welcome on any individual spec repo; cross-spec concerns happen on the meta-repo.