Presented by
initializ Events

Forge Agent Builder Workshop #1 — Ship a Governed AI Agent Into Your Own Infrastructure

Registration
Approval Required
Your registration is subject to host approval.
About Event

Cowork is for the agent that sits next to a person. Forge is for the agent that sits next to a service. In one hands-on session, go from a SKILL.md file to a containerized agent running on a real Kubernetes cluster — with egress control, guardrails, and audit logging compiled in, not bolted on.


Who this is for

Platform engineers, SREs, and security/governance teams evaluating how to run AI agents inside their own environment — on-prem, air-gapped, or in their own cloud — without handing data, secrets, or control to a vendor's managed runtime.

What Forge is

Forge is the open-source runtime for Agent Skills (the SKILL.md standard from Anthropic, now also adopted by OpenAI). You write a skill in markdown; Forge compiles it into a portable, secure, model-neutral container you deploy anywhere — CLI, Docker, Kubernetes. The agent runs where your governance already lives.

What you'll build and walk away understanding

  • SKILL.md → running container. Take a skill from markdown to a live agent in one sitting.

  • Egress control by construction. Every forge build emits an egress allowlist derived from the skill's declared domains, plus a Kubernetes NetworkPolicy. The agent can't reach anything it didn't declare — enforced at runtime and on subprocess scripts.

  • Guardrails as policy. Block kubectl get secrets, redact PII and tokens from tool output, and stop capability-enumeration probes — using the four skill-level rule types (deny_commands, deny_output, deny_prompts, deny_responses).

  • Audit by default. Structured, correlation-threaded NDJSON audit events for every LLM call, tool execution, and egress attempt.

  • Deploy where you control it. Model-neutral, container-native — the artifact you build on your laptop is the identical one that lands on the cluster.

Rough agenda (2 hours)

  1. The threat model: why where the agent runs is the real governance question

  2. Live build — SKILL.md → agent → container

  3. Locking it down — egress allowlist + generated NetworkPolicy

  4. Guardrails + audit log walkthrough

  5. Deploy to Kubernetes, then open Q&A

What we provide

A Kubernetes cluster and LLM API keys for every attendee. You don't need to bring your own infrastructure — just a laptop.

What to bring

A laptop with Docker and kubectl installed. We'll hand out cluster access and keys at the door.

Location
Tech North Atlanta
925 North Point Pkwy Suite 130, Alpharetta, GA 30005, USA