GlassBox: A Runtime Decision Governance Framework for Agentic AI Systems

Autonomous AI agents executing high-stakes operational decisions—such as initiating financial transactions, issuing procurement orders, adjusting pricing, or modifying production infrastructure—introduce a governance gap that existing mechanisms cannot adequately address. Current approaches such as model lifecycle management, API security layers, and workflow orchestration operate either at the population level or treat decision payloads as opaque, limiting real-time control. We present GlassBox, an open-source Python framework that implements a decision-semantic layer: a runtime governance component that intercepts, evaluates, and records every AI-generated decision before execution. GlassBox enforces policy-as-code, performs statistical anomaly detection, computes composite risk scores, and routes decisions across execution, human review, or rejection paths. The framework provides tamper-evident audit capabilities, velocity controls, contract validation, and supports orchestration patterns including chain, DAG, and saga. The system is implemented as a deterministic multi-stage governance pipeline with modular components for policy enforcement, risk evaluation, and audit logging. Empirical validation across 800+ test cases demonstrates consistent policy enforcement behavior and production-oriented design characteristics. GlassBox provides a practical and extensible foundation for governing agentic AI systems in enterprise environments.