Middleware vs Sidecar: two ways to govern AI agents

I've spent the last years building governance layers like schema registries for Kafka, policies for Kong, contract validation for event-driven systems. Always the same job: sit between components, enforce rules, keep a trace. When I started running multiple AI agents (Claude Code, Cursor, custom LangChain bots), I noticed the same gap I'd seen before. Every agent has some permission model. None of them talk to each other. No shared policy. No unified trace. Sound familiar? It's 2018 microservices all over again, before service meshes became a thing. So I built agent-mesh for my needs, a sidecar proxy for agent tool calls. YAML policy, centralized traces, per-agent identity. One Go binary, works with anything that speaks MCP or HTTP. Recently, Microsoft dropped the Agent Governance Toolkit . Open-source, MIT. Same problem space. Different architecture. Worth comparing honestly especially now that OWASP gave us a shared vocabulary for what "agent security" actually means. Full disclosure