Agent Policy

Appearance

Risk Scope

risk_scope 描述候选动作触达哪类风险边界,让 policy、UI、runtime、evidence 使用同一套风险语言。

Scope types

tool_callmodel_callartifact_exportsource_accesscredential_usefilesystemnetworkremote_agentdata_retentionredactionhuman_actionmemory_writetask_delegationui_surfacecost_or_quota

Risk levels

low 通常可自动允许并审计;medium 应可见且受约束;high 通常需要审批、沙箱或窄 grant;critical 需要明确权威和强 evidence;unknown 应先阻断。

Draft standard for portable agent policy decisions, approvals, permissions, risk, and audit traces.

Copyright © 2026