This is a living specification. We welcome contributions from anyone building, deploying, or governing autonomous AI agents.
- Open an issue describing your feedback, question, or suggestion.
- Reference specific sections by number (e.g., "Section 2.3 Approval Gate").
- We maintain a
/incidentsdirectory of governance failure analyses. - To submit an analysis, open a PR with a new file in
/incidentsfollowing the existing format. - Include primary sources with links. Secondary reporting should be clearly attributed.
- If you've implemented governance patterns in a framework not covered in Section 4, open a PR or issue describing your approach.
- Code examples are welcome.
- If you find a factual error, unclear language, or broken link, open an issue or PR.
- Attribution matters. Every claim should have a source. If you're referencing an incident, link to the primary reporting.
- Be specific. "This section is unclear" is less useful than "Section 2.1 doesn't address what happens when an authority receipt is generated but the action fails mid-execution."
- Framework-agnostic. Contributions should apply broadly, not just to one tool or vendor.
Be respectful, constructive, and specific. This is a technical specification, not a debate forum.