
Agentic AI Governance Playbook – Ingesting crewAI Agents & EU Risk Rating into Collibra with YDC_AIGOV AI Governance Agents

Sunil Soares, Founder & CEO, YDC
February 25, 2025

The Case For Automating Agentic AI Governance

AI Agents are extremely popular these days. This presents multiple opportunities to introduce efficiencies, but it also creates numerous challenges for Agentic AI Governance. Imagine that your organization has signed a contract with an Agentic AI platform but now struggles to keep up with all the agents multiplying across the enterprise. The first step is to build an inventory of AI Agents. This inventory should ideally be automated rather than relying on end users to manually register their agents under the “honor system.”


Agentic AI Governance Playbook

The YDC team used the YDC_AIGOV Agents to ingest the metadata from crewAI Agents into Collibra AI Governance. We also used the YDC_AIGOV Agents to automatically assign an EU AI Act risk rating to each agent. This “playbook” automated the Agentic AI Governance process via integrations and agents.


crewAI Agents

We started with the crewAI multi-agent platform. As shown in the screenshot above, the platform includes a number of out-of-the-box (OOTB) templates, including one for Enterprise Content Marketing. The agent offers the following functionality:

  • Conducts thorough research on topics to identify emerging trends, analyzes competitor strategies, and gathers data-driven insights, focusing on 2025
  • Based on this research, generates engaging content ideas tailored to brand voice and target audience
  • Outputs a list of key insights in bullet points, along with detailed outlines

The crewAI Enterprise Content Marketing agent is supported by a YAML file with the relevant configurations (this constitutes agent metadata).


YDC_AIGOV EU AI Act Risk Classification Agent Automatically Scores the crewAI Agent

The YDC_AIGOV EU AI Act Risk Classification Agent received the agentic metadata to automatically score the agent. The screenshot below shows the YDC_AIGOV agent UI in Hugging Face (we called this agent via the Hugging Face API).



The YDC_AIGOV agents passed the crewAI agentic metadata including Provider Name, State, AI Agent Name, Task Name, and Task Description to Collibra AI Governance.


From the agentic metadata, YDC_AIGOV classified the agent as Other based on Article 6 of the EU AI Act.

This agentic metadata, including the risk rating rationale, was also passed to Collibra AI Governance.


This Agentic AI Governance Playbook combined integrations with agentic auto-classifications to reduce the need for manual AI Governance interventions in Collibra.

Fairness & Accessibility

Component

Component ID: 5.0

Mitigate bias and manage AI accessibility.

List of Controls:

  • Bias
  • Accessibility

Mitigate Bias

Control

ID: 5.1

Ensure that AI systems are fair and manage harmful bias.

Component: Address Fairness and Accessibility
Regulation: EU AI Act - Article 10(2)(f)(g) – Data and Data Governance (“Examination of Possible Biases”)

Detect Data Poisoning Attacks
Control

ID: 10.4.1

Data poisoning involves the deliberate and malicious contamination of data to compromise the performance of AI and machine learning systems.

Component: 10. Improve Security
Control: 10.4 Avoid Data and Model Poisoning Attacks
Regulation: EU AI Act: Article 15 – Accuracy, Robustness and Cybersecurity

Improve Security
Component

Component ID: 10

Address emerging attack vectors impacting availability, integrity, abuse, and privacy.  

List of Controls:

  • Prevent Direct Prompt Injection Including Jailbreak
  • Avoid Indirect Prompt Injection
  • Avoid Availability Poisoning
    • Manage Increased Computation Attack
    • Detect Denial of Service (DoS) Attacks
    • Prevent Energy-Latency Attacks
  • Avoid Data and Model Poisoning Attacks
    • Detect Data Poisoning Attacks
    • Avoid Targeted Poisoning Attacks
    • Avoid Backdoor Poisoning Attacks
    • Prevent Model Poisoning Attacks
  • Support Data and Model Privacy
    • Prevent Data Reconstruction Attacks
    • Prevent Membership Inference Attacks
    • Avoid Data Extraction Attacks
    • Avoid Model Extraction Attacks
    • Prevent Property Inference Attacks
    • Prevent Prompt Extraction Attacks
  • Manage Abuse Violations
    • Detect White-Box Evasion Attacks
    • Detect Black-Box Evasion Attacks
    • Mitigate Transferability of Attacks
  • Misuse of AI Agents
    • Prevent AI-Powered Spear-Phishing at Scale
    • Prevent AI-Assisted Software Vulnerability Discovery
    • Prevent Malicious Code Generation
    • Identify Harmful Content Generation at Scale
    • Detect Non-Consensual Content
    • Detect Fraudulent Services
    • Prevent Delegation of Decision-Making Authority to Malicious Actors

Identify Executive Sponsor

ID: 1.1

Appoint an executive who will be accountable for the overall success of the program.

Component: 1. Establish Accountability for AI
Regulation: EU AI Act