Skip to content

agent-kits/agentaz-validate

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AgentAz Validate — GitHub Action

Compute an AI agent's AgentAz Trust Level from its agentaz.json on every push or pull request, and optionally fail CI if the agent's autonomy exceeds a policy you set. It's a governance check for agents — the same classification used at agent-kits.com, running in your own pipeline.

Trust Levels run from ADV (advisory — cannot change anything) through A3 (every action human-approved), A4 (bounded autonomy), to A5 (full autonomy). The tier is derived conservatively from your spec's tool_boundary — what can auto-execute vs. what requires approval.

Quick start

Add agentaz.json to your repo (see the schema at the link above), then add this workflow:

# .github/workflows/agentaz.yml
name: AgentAz
on: [push, pull_request]
jobs:
  governance:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: agent-kits/agentaz-validate@v1
        with:
          file: agentaz.json      # optional, this is the default
          min-tier: A4            # optional: fail if riskier than bounded autonomy
          strict: false           # optional: fail on thin specs

The check writes a summary to the run (Trust Level, worst-case action, basis) and, if min-tier is set, fails when the agent is riskier than allowed — so a change that quietly ungates a risky tool turns the check red.

Inputs

Input Default Description
file agentaz.json Path to the spec to validate.
min-tier (none) Policy gate. Fail if the computed band is riskier than this (ADV, A0, A3, A4, A5). Omit to report-only.
strict false If true, fail when the spec is too thin to classify confidently.

Outputs

Output Description
tier Computed Trust Level band.
confident Whether the tool_boundary was rich enough to classify with confidence.
validator_version Validator version used.

Why

When anyone — or an LLM — generates an agent, the question shifts from "where do I get one?" to "is this one safe to run?" This Action puts that check in CI: your agent's governance is regression-tested like your code, and the classification is legible to every reviewer without reading the diff. Definitions and the full spec: https://www.agent-kits.com/agentaz-specification.

MIT licensed. Not affiliated with GitHub.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages

 
 
 

Contributors