Nimclea Orange v0.3 - Human-Harm Surface Classification

Nimclea Orange v0.3 introduces the Human-Harm Surface Classification boundary.

This release extends Orange beyond technical action classification. A technical action type is not sufficient risk classification. Any human-requested or machine-proposed action that may create material human-harm exposure must be classified by human-harm surface before authorization.

v0.3 preserves the v0.2 External Action-Producer Boundary and adds human-visible harm classification before human authorization.

Core additions:

• Human-Harm Surface Classification
• Human-Visible Harm Card
• technical surface vs human-harm surface distinction
• risk levels: LOW, MODERATE, HIGH, CRITICAL, UNKNOWN
• UNKNOWN_HUMAN_HARM_SURFACE results in STOP before mutation
• Issue Card and Release Log harm-surface visibility

Human-harm surfaces include:

• HUMAN_SAFETY
• FINANCIAL_HARM
• IDENTITY_AND_ACCESS
• PRIVACY
• MEDICAL
• LEGAL_LIABILITY
• CRITICAL_INFRASTRUCTURE
• EMPLOYMENT
• REPUTATION_AND_EXTERNAL_COMMUNICATION
• PHYSICAL_DEVICE

A prompt is not authority.
A machine-proposed action is not authority.
A technical action type is not a human-harm classification.

Machines may propose.
Only authority may permit.

This release includes:

Orange White Paper v0.3

• orange-white-paper-v0.3.md
• orange-white-paper-v0.3.pdf
• orange-white-paper-v0.3.zh-CN.pdf
• orange-white-paper-v0.3-release-notes.md
• orange-white-paper-v0.3-SHA256SUMS.txt

Orange Executive Brief v0.3

• orange-executive-brief-v0.3.md
• orange-executive-brief-v0.3.pdf
• orange-executive-brief-v0.3.zh-CN.pdf
• orange-executive-brief-v0.3-release-notes.md
• orange-executive-brief-v0.3-SHA256SUMS.txt

v0.1 remains preserved as the original 2026-06-11 public baseline.
v0.2 remains preserved as the External Action-Producer Boundary release.

Nimclea Orange v0.2 - External Action-Producer Boundary

Nimclea Orange v0.2 introduces the External Action-Producer Boundary.

This release extends Orange from direct human-requested Agent actions to machine-proposed actions originating from external Agent runtimes, orchestration platforms, workflow engines, CI/CD systems, RPA systems, Knowledge Graph or Ontology-backed operational platforms, and cross-organizational gateways.

External systems may propose actions.
They do not create authority.

Before any protected real-world mutation, Orange requires:

• a normalized Machine-Proposed Action Envelope
• a valid Authority Passport
• fresh evidence
• deterministic boundary closure
• a scoped execution token
• independently verifiable receipt binding

Machines may propose.
Only authority may permit.

This release includes:

Orange White Paper v0.2

• orange-white-paper-v0.2.md
• orange-white-paper-v0.2.pdf
• orange-white-paper-v0.2.zh-CN.pdf
• orange-white-paper-v0.2-release-notes.md
• orange-white-paper-v0.2-SHA256SUMS.txt

Orange Executive Brief v0.2

• orange-executive-brief-v0.2.md
• orange-executive-brief-v0.2.pdf
• orange-executive-brief-v0.2.zh-CN.pdf
• orange-executive-brief-v0.2-release-notes.md
• orange-executive-brief-v0.2-SHA256SUMS.txt

v0.1 remains preserved as the original 2026-06-11 public baseline.

Nimclea Orange Public Architecture Release v0.1

Initial public release of the Nimclea Orange architecture materials.

Nimclea Orange is a deterministic control layer for AI agents.

Its starting principles are simple:

• Human authority before agent action.
• Evidence before release.
• STOP before mutation.

Included in this release

Executive Brief

• English Markdown edition
• English PDF edition
• Chinese PDF edition

White Paper

• English Markdown edition
• English PDF edition
• Chinese PDF edition

Verification

• SHA-256 checksums for the published materials

Scope

This release contains public architecture and governance materials.

It does not include the internal implementation repository, development scripts, private work-item records, or unreleased demo artifacts.