The contract is not a legal document and not a prompt template. It is the control shape around a software-delivery action: who or what can act, what authority is used, what target can change, what policy applies, what confirmation is required, and what evidence must remain.
The control boundary should not be probabilistic
Agents may be probabilistic. The control boundary should not be. An action contract is the object that turns a high-impact delegated action into something reviewable before it runs and provable afterward.
Connection gives an agent access to tools. Trusted execution asks the harder questions: what action is allowed, under which authority, against which target, with what policy, confirmation, evidence, and receipt?
Contract fields
Actor and owner
The human requester, accountable owner, agent, workflow, or automation that initiated the action.
Authority
The credential, service account, token, CI secret, cloud role, or inherited identity used to act.
Action and target
The exact operation and system: deploy service, publish package, update workflow, call tool, run migration, or change infra.
Policy and review
The allow, review, approve, or block decision, plus the reason and reviewer when the action needs human confirmation.
Evidence
The PR, workflow run, tool log, credential reference, approval record, validation result, and final outcome.
Receipt
The compact record that proves what happened later, without asking reviewers to reconstruct the path from scattered logs.
Concrete example
John uses an AI coding agent to update a release workflow. Jack reviews the PR. The action contract asks the missing question before the workflow can publish: is this package-publish action allowed under the release token, who approved it, and which receipt will prove the result?
| Field | Example |
|---|---|
| Action | Publish package after release workflow runs. |
| Authority | NPM_TOKEN available to GitHub Actions release job. |
| Policy | Approve package publish before credentialed release action. |
| Receipt | PR, approver, workflow run, token scope reference, package version, and publish outcome. |
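
An added example, not Clyra's code or contract format: the package-publish contract from the table above, evaluated by a deterministic gate that returns allow, review, or block and then emits a receipt. The field names, the rule that a requester cannot approve their own action, the SHA-256 digest, and all sample values are assumptions made for illustration.

```python
import hashlib
import json

REQUIRED = ("actor", "owner", "authority", "action", "target", "policy")
# Assumption: actions that use a credential and need a named approver first.
CREDENTIALED_ACTIONS = {"publish-package"}

def decide(contract):
    """Return (decision, reason). The same input always gives the same output."""
    missing = [f for f in REQUIRED if not contract.get(f)]
    if missing:
        return "block", "missing fields: " + ", ".join(missing)
    if contract["action"] in CREDENTIALED_ACTIONS:
        approver = contract.get("approver")
        if not approver:
            return "review", "credentialed action needs an approver"
        if approver == contract["actor"]:  # assumed separation-of-duties rule
            return "block", "requester cannot approve their own action"
    return "allow", "policy satisfied"

def _digest(body):
    # Canonical JSON (sorted keys, fixed separators) so the hash is stable.
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()

def make_receipt(contract, decision, reason, outcome):
    """Compact record of the action, the decision, and the final outcome."""
    body = {**contract, "decision": decision, "reason": reason, "outcome": outcome}
    return {**body, "digest": _digest(body)}

def verify_receipt(receipt):
    """Recompute the digest over every field except the digest itself."""
    body = {k: v for k, v in receipt.items() if k != "digest"}
    return _digest(body) == receipt.get("digest")

# Constructed sample based on the page's example; identifiers are placeholders.
CONTRACT = {
    "actor": "john", "owner": "john", "agent": "ai-coding-agent",
    "authority": "NPM_TOKEN (GitHub Actions release job)",
    "action": "publish-package", "target": "example-package",
    "policy": "approve package publish before credentialed release action",
    "evidence": {"pr": "PR-PLACEHOLDER", "workflow_run": "RUN-PLACEHOLDER"},
}

if __name__ == "__main__":
    print(decide(CONTRACT))  # no approver recorded yet
    approved = {**CONTRACT, "approver": "jack"}
    decision, reason = decide(approved)
    print(make_receipt(approved, decision, reason, "published"))
```

An unkeyed digest only reveals a changed receipt if a copy of the digest is kept where the actor cannot rewrite it; signing the receipt is the stronger option.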
Copyable action contract
Map one action path before turning it into a contract.
Clyra maps the actor, authority, action, target, policy, review, evidence, and receipt for one selected workflow.