Compute an AI agent's AgentAz Trust Level from its agentaz.json on every push or pull request, and optionally fail CI if the agent's autonomy exceeds a policy you set. It's a governance check for agents — the same classification used at agent-kits.com, running in your own pipeline.
Trust Levels run from ADV (advisory — cannot change anything) through A3 (every action human-approved), A4 (bounded autonomy), to A5 (full autonomy). The tier is derived conservatively from your spec's tool_boundary — what can auto-execute vs. what requires approval.
Add agentaz.json to your repo (see the schema at the link above), then add this workflow:
# .github/workflows/agentaz.yml
name: AgentAz
on: [push, pull_request]
jobs:
governance:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: agent-kits/agentaz-validate@v1
with:
file: agentaz.json # optional, this is the default
min-tier: A4 # optional: fail if riskier than bounded autonomy
strict: false # optional: fail on thin specsThe check writes a summary to the run (Trust Level, worst-case action, basis) and, if min-tier is set, fails when the agent is riskier than allowed — so a change that quietly ungates a risky tool turns the check red.
| Input | Default | Description |
|---|---|---|
file |
agentaz.json |
Path to the spec to validate. |
min-tier |
(none) | Policy gate. Fail if the computed band is riskier than this (ADV, A0, A3, A4, A5). Omit to report-only. |
strict |
false |
If true, fail when the spec is too thin to classify confidently. |
| Output | Description |
|---|---|
tier |
Computed Trust Level band. |
confident |
Whether the tool_boundary was rich enough to classify with confidence. |
validator_version |
Validator version used. |
When anyone — or an LLM — generates an agent, the question shifts from "where do I get one?" to "is this one safe to run?" This Action puts that check in CI: your agent's governance is regression-tested like your code, and the classification is legible to every reviewer without reading the diff. Definitions and the full spec: https://www.agent-kits.com/agentaz-specification.
MIT licensed. Not affiliated with GitHub.