npm - @bluefly/openstandardagents - Versions diffs - 0.2.4 - Mend

@bluefly/openstandardagents 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (371) hide show

package/.env.example +41 -0
package/.eslintrc.cjs +43 -0
package/.github/PULL_REQUEST_TEMPLATE.md +39 -0
package/.github/dependabot.yml +58 -0
package/.github/workflows/ci.yml +154 -0
package/.github/workflows/codeql.yml +41 -0
package/.github/workflows/dependabot-auto-merge.yml +28 -0
package/.github/workflows/release.yml +103 -0
package/.prettierignore +7 -0
package/.prettierrc.json +10 -0
package/.redocly.yaml +9 -0
package/.releaserc.json +84 -0
package/.releaserc.json.disabled +81 -0
package/CHANGELOG.md +152 -0
package/CONTRIBUTING.md +249 -0
package/LICENSE +190 -0
package/README.md +280 -0
package/bin/ossa +8 -0
package/bin/validate-ossa-0.2.2.ts +244 -0
package/dist/di-container.d.ts +18 -0
package/dist/di-container.d.ts.map +1 -0
package/dist/di-container.js +43 -0
package/dist/di-container.js.map +1 -0
package/dist/index.d.ts +13 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +17 -0
package/dist/index.js.map +1 -0
package/dist/repositories/manifest.repository.d.ts +26 -0
package/dist/repositories/manifest.repository.d.ts.map +1 -0
package/dist/repositories/manifest.repository.js +90 -0
package/dist/repositories/manifest.repository.js.map +1 -0
package/dist/repositories/schema.repository.d.ts +30 -0
package/dist/repositories/schema.repository.d.ts.map +1 -0
package/dist/repositories/schema.repository.js +143 -0
package/dist/repositories/schema.repository.js.map +1 -0
package/dist/services/generation.service.d.ts +54 -0
package/dist/services/generation.service.d.ts.map +1 -0
package/dist/services/generation.service.js +298 -0
package/dist/services/generation.service.js.map +1 -0
package/dist/services/migration.service.d.ts +30 -0
package/dist/services/migration.service.d.ts.map +1 -0
package/dist/services/migration.service.js +231 -0
package/dist/services/migration.service.js.map +1 -0
package/dist/services/runtime/openai.adapter.d.ts +94 -0
package/dist/services/runtime/openai.adapter.d.ts.map +1 -0
package/dist/services/runtime/openai.adapter.js +209 -0
package/dist/services/runtime/openai.adapter.js.map +1 -0
package/dist/services/validation.service.d.ts +45 -0
package/dist/services/validation.service.d.ts.map +1 -0
package/dist/services/validation.service.js +362 -0
package/dist/services/validation.service.js.map +1 -0
package/dist/services/validators/anthropic.validator.d.ts +9 -0
package/dist/services/validators/anthropic.validator.d.ts.map +1 -0
package/dist/services/validators/anthropic.validator.js +105 -0
package/dist/services/validators/anthropic.validator.js.map +1 -0
package/dist/services/validators/autogen.validator.d.ts +9 -0
package/dist/services/validators/autogen.validator.d.ts.map +1 -0
package/dist/services/validators/autogen.validator.js +111 -0
package/dist/services/validators/autogen.validator.js.map +1 -0
package/dist/services/validators/crewai.validator.d.ts +9 -0
package/dist/services/validators/crewai.validator.d.ts.map +1 -0
package/dist/services/validators/crewai.validator.js +117 -0
package/dist/services/validators/crewai.validator.js.map +1 -0
package/dist/services/validators/cursor.validator.d.ts +9 -0
package/dist/services/validators/cursor.validator.d.ts.map +1 -0
package/dist/services/validators/cursor.validator.js +88 -0
package/dist/services/validators/cursor.validator.js.map +1 -0
package/dist/services/validators/index.d.ts +15 -0
package/dist/services/validators/index.d.ts.map +1 -0
package/dist/services/validators/index.js +15 -0
package/dist/services/validators/index.js.map +1 -0
package/dist/services/validators/langchain.validator.d.ts +9 -0
package/dist/services/validators/langchain.validator.d.ts.map +1 -0
package/dist/services/validators/langchain.validator.js +103 -0
package/dist/services/validators/langchain.validator.js.map +1 -0
package/dist/services/validators/langflow.validator.d.ts +9 -0
package/dist/services/validators/langflow.validator.d.ts.map +1 -0
package/dist/services/validators/langflow.validator.js +92 -0
package/dist/services/validators/langflow.validator.js.map +1 -0
package/dist/services/validators/langgraph.validator.d.ts +9 -0
package/dist/services/validators/langgraph.validator.d.ts.map +1 -0
package/dist/services/validators/langgraph.validator.js +123 -0
package/dist/services/validators/langgraph.validator.js.map +1 -0
package/dist/services/validators/llamaindex.validator.d.ts +9 -0
package/dist/services/validators/llamaindex.validator.d.ts.map +1 -0
package/dist/services/validators/llamaindex.validator.js +121 -0
package/dist/services/validators/llamaindex.validator.js.map +1 -0
package/dist/services/validators/openai.validator.d.ts +9 -0
package/dist/services/validators/openai.validator.d.ts.map +1 -0
package/dist/services/validators/openai.validator.js +126 -0
package/dist/services/validators/openai.validator.js.map +1 -0
package/dist/services/validators/vercel-ai.validator.d.ts +9 -0
package/dist/services/validators/vercel-ai.validator.d.ts.map +1 -0
package/dist/services/validators/vercel-ai.validator.js +99 -0
package/dist/services/validators/vercel-ai.validator.js.map +1 -0
package/dist/spec/v0.1.9/agent-autonomous-extensions.json +234 -0
package/dist/spec/v0.1.9/ecosystem-compliance.json +235 -0
package/dist/spec/v0.1.9/ossa-v0.1.9.schema.json +695 -0
package/dist/spec/v0.1.9/ossa-v0.1.9.schema.json.backup +695 -0
package/dist/spec/v0.1.9/reasoning-compliance.json +654 -0
package/dist/spec/v0.2.2/kagent-enhancements.json +395 -0
package/dist/spec/v0.2.2/ossa-0.2.2.schema.json +906 -0
package/dist/spec/v0.2.2/ossa-0.2.2.yaml +448 -0
package/dist/spec/v0.2.2/ossa-reasoning-compliance-1.0.schema.json +424 -0
package/dist/spec/v0.2.3/CHANGELOG.md +176 -0
package/dist/spec/v0.2.3/README.md +154 -0
package/dist/spec/v0.2.3/migrations/v0.2.2-to-v0.2.3.md +343 -0
package/dist/spec/v0.2.3/ossa-0.2.3.schema.json +1397 -0
package/dist/spec/v0.2.3/ossa-0.2.3.yaml +448 -0
package/dist/spec/v0.2.4-dev/CHANGELOG.md +403 -0
package/dist/spec/v0.2.4-dev/migrations/v0.2.3-to-v0.2.4.md +599 -0
package/dist/spec/v0.2.4-dev/ossa-0.2.4-dev.schema.json +1696 -0
package/dist/spec/v0.2.4-dev/ossa-0.2.4-dev.yaml +581 -0
package/dist/spec/v0.2.5-dev/CHANGELOG.md +171 -0
package/dist/spec/v0.2.5-dev/examples/customer-support-graph.ossa.yaml +362 -0
package/dist/spec/v0.2.5-dev/examples/parallel-processors.ossa.yaml +464 -0
package/dist/spec/v0.2.5-dev/examples/research-team.ossa.yaml +440 -0
package/dist/spec/v0.2.5-dev/migrations/v0.2.4-to-v0.2.5.md +317 -0
package/dist/spec/v0.2.5-dev/ossa-0.2.5-dev.schema.json +1732 -0
package/dist/spec/v0.2.5-dev/ossa-0.2.5-dev.yaml +409 -0
package/dist/types/index.d.ts +178 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +6 -0
package/dist/types/index.js.map +1 -0
package/dist/types/openapi-extensions.d.ts +164 -0
package/dist/types/openapi-extensions.d.ts.map +1 -0
package/dist/types/openapi-extensions.js +6 -0
package/dist/types/openapi-extensions.js.map +1 -0
package/docs/OSSA-COMPLIANT-BADGE.md +248 -0
package/docs/README.md +31 -0
package/docs/VERSIONING.md +284 -0
package/docs/agent-openapi-spec.yml +942 -0
package/docs/getting-started.md +87 -0
package/docs/migration/general-agent-schema.yml +255 -0
package/docs/migration/migration-manifest.json +64 -0
package/docs/openapi-extensions.md +930 -0
package/docs/schemas/openapi-extensions.schema.json +486 -0
package/examples/adk-integration/code-review-workflow.yml +136 -0
package/examples/adk-integration/customer-support.yml +263 -0
package/examples/adk-integration/data-pipeline.yml +173 -0
package/examples/advanced/patterns/compliance-context-production.json +53 -0
package/examples/advanced/patterns/model-router.ts +274 -0
package/examples/advanced/patterns/smart-model-routing.ts +248 -0
package/examples/advanced/workflows/hybrid-model-strategy.yaml +232 -0
package/examples/agent-manifests/critics/critic-agent.yaml +149 -0
package/examples/agent-manifests/governors/governor-agent.yaml +128 -0
package/examples/agent-manifests/integrators/integrator-agent.yaml +103 -0
package/examples/agent-manifests/judges/judge-agent.yaml +153 -0
package/examples/agent-manifests/monitors/monitor-agent.yaml +122 -0
package/examples/agent-manifests/orchestrators/orchestrator-agent.yaml +247 -0
package/examples/agent-manifests/sample-compliant-agent.yaml +147 -0
package/examples/agent-manifests/workers/worker-agent.yaml +82 -0
package/examples/anthropic/claude-assistant.ossa.json +45 -0
package/examples/architecture/model-configuration/ollama-integration.ts +110 -0
package/examples/autogen/multi-agent.ossa.json +37 -0
package/examples/bridge-configurations.yaml +346 -0
package/examples/bridges/Dockerfile.production +87 -0
package/examples/bridges/__pycache__/aiflow-bridge-enhanced.cpython-313.pyc +0 -0
package/examples/bridges/__pycache__/aiflow-phoenix-tracing.cpython-313.pyc +0 -0
package/examples/bridges/__pycache__/test_aiflow_integration.cpython-313.pyc +0 -0
package/examples/bridges/aiflow-bridge-enhanced.py +462 -0
package/examples/bridges/aiflow-bridge-example.yml +310 -0
package/examples/bridges/aiflow-phoenix-tracing.py +310 -0
package/examples/bridges/aiflow-registration-api.openapi.yml +439 -0
package/examples/bridges/k8s/configmap.yaml +121 -0
package/examples/bridges/k8s/deployment-simple.yaml +34 -0
package/examples/bridges/k8s/deployment.yaml +275 -0
package/examples/bridges/k8s/hpa.yaml +126 -0
package/examples/bridges/k8s/ingress.yaml +155 -0
package/examples/bridges/kagent-bridge-example.yml +94 -0
package/examples/bridges/load-tests/Dockerfile +28 -0
package/examples/bridges/load-tests/k6-load-test.js +302 -0
package/examples/bridges/load-tests/requirements.txt +20 -0
package/examples/bridges/loadtest/k6-scenarios.js +270 -0
package/examples/bridges/phase4/SLO-SLA.yaml +249 -0
package/examples/bridges/phase4/chaos-tests.yaml +226 -0
package/examples/bridges/requirements.txt +24 -0
package/examples/bridges/test_aiflow_integration.py +341 -0
package/examples/common_npm/agent-router.ossa.yaml +182 -0
package/examples/common_npm/agent-router.v0.2.2.ossa.yaml +60 -0
package/examples/compliance-agent.yml +155 -0
package/examples/crewai/research-team.ossa.json +36 -0
package/examples/cursor/code-review-agent.ossa.json +47 -0
package/examples/drupal/gitlab-ml-recommender.ossa.yaml +609 -0
package/examples/drupal/gitlab-ml-recommender.v0.2.2.ossa.yaml +68 -0
package/examples/enterprise/agent.yml +452 -0
package/examples/extensions/drupal-v1.yml +266 -0
package/examples/extensions/kagent-v1.yml +167 -0
package/examples/getting-started/hello-world-complete.ossa.yaml +266 -0
package/examples/integration-patterns/agent-to-agent-orchestration.ossa.yaml +376 -0
package/examples/kagent/README.md +31 -0
package/examples/kagent/compliance-validator.ossa.yaml +111 -0
package/examples/kagent/cost-optimizer.ossa.yaml +93 -0
package/examples/kagent/documentation-agent.ossa.yaml +91 -0
package/examples/kagent/k8s-troubleshooter-v1.ossa.yaml +269 -0
package/examples/kagent/k8s-troubleshooter-v1.v0.2.2.ossa.yaml +106 -0
package/examples/kagent/k8s-troubleshooter.ossa.yaml +257 -0
package/examples/kagent/security-scanner.ossa.yaml +140 -0
package/examples/langchain/chain-agent.ossa.json +42 -0
package/examples/langflow/workflow-agent.ossa.json +39 -0
package/examples/langgraph/state-machine-agent.ossa.json +59 -0
package/examples/llamaindex/rag-agent.ossa.json +41 -0
package/examples/migration-guides/from-langchain-to-ossa.yaml +309 -0
package/examples/minimal/agent.yml +152 -0
package/examples/minimal/openapi.yaml +95 -0
package/examples/openai/swarm-agent.ossa.json +59 -0
package/examples/openapi-extensions/README.md +87 -0
package/examples/openapi-extensions/minimal-agent-api.openapi.yml +288 -0
package/examples/openapi-extensions/orchestrator-agent-api.openapi.yml +633 -0
package/examples/openapi-extensions/worker-agent-api.openapi.yml +533 -0
package/examples/production/agent.yml +713 -0
package/examples/production/document-analyzer-openai.yml +134 -0
package/examples/quickstart/support-agent.ossa.yaml +59 -0
package/examples/service-registry-usage.ts +423 -0
package/examples/spec-examples/audit-agent.yml +147 -0
package/examples/spec-examples/chat-agent.yml +189 -0
package/examples/spec-examples/compliance-agent.yml +204 -0
package/examples/spec-examples/data-processing-agent.yml +132 -0
package/examples/spec-examples/development-agent.yml +138 -0
package/examples/spec-examples/edge-agent.yml +101 -0
package/examples/spec-examples/integration-agent.yml +129 -0
package/examples/spec-examples/monitoring-agent.yml +130 -0
package/examples/spec-examples/serverless-agent.yml +82 -0
package/examples/spec-examples/workflow-agent.yml +223 -0
package/examples/templates/ossa-compliance.yaml +56 -0
package/examples/typescript/advanced/demo-registry.ts +168 -0
package/examples/typescript/mcpb-agent-example.ts +358 -0
package/examples/vercel/edge-agent.ossa.json +43 -0
package/infrastructure/docker-compose.yml +33 -0
package/junit.xml +1 -0
package/openapi/drupal-agent-api.openapi.yaml +348 -0
package/openapi/gitlab-orchestrator.openapi.yaml +330 -0
package/openapi/helm-generator.openapi.yaml +389 -0
package/openapi/ossa-core-api.openapi.yaml +1448 -0
package/openapi/ossa-registry-api.openapi.yaml +980 -0
package/openapi/ossa-registry.openapi.yaml +782 -0
package/openapi/self-evolving-ecosystem.openapi.yaml +1530 -0
package/openapi/unified-agent-gateway.openapi.yaml +833 -0
package/ossa-website-swarm-tasks.json +105 -0
package/package.json +132 -0
package/release.config.js +64 -0
package/spec/v0.1.9/agent-autonomous-extensions.json +234 -0
package/spec/v0.1.9/ecosystem-compliance.json +235 -0
package/spec/v0.1.9/ossa-v0.1.9.schema.json +695 -0
package/spec/v0.1.9/ossa-v0.1.9.schema.json.backup +695 -0
package/spec/v0.1.9/reasoning-compliance.json +654 -0
package/spec/v0.2.2/kagent-enhancements.json +395 -0
package/spec/v0.2.2/ossa-0.2.2.schema.json +906 -0
package/spec/v0.2.2/ossa-0.2.2.yaml +448 -0
package/spec/v0.2.2/ossa-reasoning-compliance-1.0.schema.json +424 -0
package/spec/v0.2.3/CHANGELOG.md +176 -0
package/spec/v0.2.3/README.md +154 -0
package/spec/v0.2.3/migrations/v0.2.2-to-v0.2.3.md +343 -0
package/spec/v0.2.3/ossa-0.2.3.schema.json +1397 -0
package/spec/v0.2.3/ossa-0.2.3.yaml +448 -0
package/spec/v0.2.4-dev/CHANGELOG.md +403 -0
package/spec/v0.2.4-dev/migrations/v0.2.3-to-v0.2.4.md +599 -0
package/spec/v0.2.4-dev/ossa-0.2.4-dev.schema.json +1696 -0
package/spec/v0.2.4-dev/ossa-0.2.4-dev.yaml +581 -0
package/spec/v0.2.5-dev/CHANGELOG.md +171 -0
package/spec/v0.2.5-dev/examples/customer-support-graph.ossa.yaml +362 -0
package/spec/v0.2.5-dev/examples/parallel-processors.ossa.yaml +464 -0
package/spec/v0.2.5-dev/examples/research-team.ossa.yaml +440 -0
package/spec/v0.2.5-dev/migrations/v0.2.4-to-v0.2.5.md +317 -0
package/spec/v0.2.5-dev/ossa-0.2.5-dev.schema.json +1732 -0
package/spec/v0.2.5-dev/ossa-0.2.5-dev.yaml +409 -0
package/test-results.xml +1 -0
package/website/.lighthouserc.js +20 -0
package/website/.prettierrc +10 -0
package/website/Dockerfile +17 -0
package/website/app/about/page.tsx +295 -0
package/website/app/api/validate/route.ts +88 -0
package/website/app/blog/[slug]/page.tsx +167 -0
package/website/app/blog/page.tsx +162 -0
package/website/app/docs/[[...slug]]/page.tsx +349 -0
package/website/app/docs/core-concepts/project-structure/page.tsx +349 -0
package/website/app/ecosystem/page.tsx +375 -0
package/website/app/examples/page.tsx +123 -0
package/website/app/globals.css +108 -0
package/website/app/layout.tsx +106 -0
package/website/app/page.tsx +409 -0
package/website/app/playground/page.tsx +507 -0
package/website/app/robots.ts +19 -0
package/website/app/rss.xml/route.ts +74 -0
package/website/app/schema/page.tsx +970 -0
package/website/app/sitemap.ts +56 -0
package/website/app/specification/page.tsx +211 -0
package/website/components/InstallCommand.tsx +96 -0
package/website/components/Logo.tsx +24 -0
package/website/components/StructuredData.tsx +65 -0
package/website/components/docs/DocsSearch.tsx +104 -0
package/website/components/docs/DocsSidebar.tsx +118 -0
package/website/components/docs/MarkdownContent.tsx +183 -0
package/website/components/docs/VersionSelector.tsx +49 -0
package/website/components/examples/ExamplesViewer.tsx +293 -0
package/website/components/layout/Footer.tsx +111 -0
package/website/components/layout/Header.tsx +170 -0
package/website/components/schema/SchemaExplorer.tsx +213 -0
package/website/content/blog/OpenAPI-AI-Agents-Standard.md +285 -0
package/website/content/blog/Why-Formal-Standards-Matter-Now.md +209 -0
package/website/content/blog/introducing-ossa-framework.md +328 -0
package/website/content/blog/ossa-production-results.md +279 -0
package/website/content/blog/welcome-to-ossa.md +43 -0
package/website/content/blog/why-ai-agents-need-open-standard.md +98 -0
package/website/content/docs/00-HOME.md +160 -0
package/website/content/docs/AIFlow-Framework-Integration-with-OSSA.md +107 -0
package/website/content/docs/OpenAPI-Extensions.md +498 -0
package/website/content/docs/architecture/execution-flow.md +335 -0
package/website/content/docs/architecture/multi-agent-systems.md +737 -0
package/website/content/docs/architecture/overview.md +121 -0
package/website/content/docs/architecture/stack-integration.md +461 -0
package/website/content/docs/changelog.md +246 -0
package/website/content/docs/contributing.md +599 -0
package/website/content/docs/core-concepts/project-structure.md +348 -0
package/website/content/docs/ecosystem/framework-support.md +821 -0
package/website/content/docs/ecosystem/overview.md +366 -0
package/website/content/docs/examples/Migration-Guides.md +214 -0
package/website/content/docs/examples.md +71 -0
package/website/content/docs/for-audiences/Enterprises.md +256 -0
package/website/content/docs/for-audiences/Students-Researchers.md +122 -0
package/website/content/docs/for-audiences/architects.md +224 -0
package/website/content/docs/for-audiences/developers.md +220 -0
package/website/content/docs/getting-started/5-minute-overview.md +85 -0
package/website/content/docs/getting-started/Hello-World.md +184 -0
package/website/content/docs/getting-started/first-agent.md +196 -0
package/website/content/docs/getting-started/installation.md +155 -0
package/website/content/docs/getting-started/running-agents.md +107 -0
package/website/content/docs/integrations/aiflow.md +104 -0
package/website/content/docs/integrations/drupal.md +105 -0
package/website/content/docs/migration-guides/00-index.md +76 -0
package/website/content/docs/migration-guides/README.md +133 -0
package/website/content/docs/migration-guides/anthropic-mcp-to-ossa.md +1750 -0
package/website/content/docs/migration-guides/crewai-to-ossa.md +274 -0
package/website/content/docs/migration-guides/drupal-eca-to-ossa.md +2017 -0
package/website/content/docs/migration-guides/index.md +133 -0
package/website/content/docs/migration-guides/langchain-to-ossa.md +1714 -0
package/website/content/docs/migration-guides/langflow-to-ossa.md +2075 -0
package/website/content/docs/migration-guides/openai-to-ossa.md +1202 -0
package/website/content/docs/openapi-extensions/examples.md +550 -0
package/website/content/docs/openapi-extensions/index.md +495 -0
package/website/content/docs/openapi-extensions/operation-extensions.md +398 -0
package/website/content/docs/openapi-extensions/root-extensions.md +364 -0
package/website/content/docs/pre-release/index.md +175 -0
package/website/content/docs/quick-reference.md +17 -0
package/website/content/docs/schema-reference/agent-spec.md +406 -0
package/website/content/docs/schema-reference/autonomy.md +568 -0
package/website/content/docs/schema-reference/constraints.md +543 -0
package/website/content/docs/schema-reference/index.md +176 -0
package/website/content/docs/schema-reference/llm-config.md +445 -0
package/website/content/docs/schema-reference/observability.md +654 -0
package/website/content/docs/schema-reference/ossa-manifest.md +309 -0
package/website/content/docs/schema-reference/taxonomy.md +509 -0
package/website/content/docs/schema-reference/tools.md +628 -0
package/website/content/docs/templates/blog-post.md +43 -0
package/website/content/docs/use-cases/00-index.md +395 -0
package/website/content/docs/use-cases/cicd-code-review.md +1236 -0
package/website/content/docs/use-cases/customer-support.md +1234 -0
package/website/content/docs/use-cases/enterprise-compliance.md +1208 -0
package/website/content/docs/use-cases/research-multi-agent.md +1161 -0
package/website/lib/version.ts +18 -0
package/website/next.config.js +17 -0
package/website/next.config.ts +16 -0
package/website/nginx.conf +32 -0
package/website/package-lock.json +9145 -0
package/website/package.json +53 -0
package/website/postcss.config.js +7 -0
package/website/postcss.config.mjs +9 -0
package/website/scripts/sync-version.js +44 -0
package/website/scripts/sync-wiki.ts +261 -0
package/website/tailwind.config.js +58 -0
package/website/tailwind.config.ts +65 -0

package/website/content/docs/schema-reference/autonomy.md ADDED Viewed

@@ -0,0 +1,568 @@
+---
+title: "Autonomy"
+description: "Agent autonomy levels and action control configuration"
+weight: 6
+---
+# Autonomy Object
+The `autonomy` object in `spec.autonomy` controls the agent's decision-making level and action permissions. It defines what the agent can do independently versus what requires human approval.
+## Field Reference
+| Field Name | Type | Required | Description |
+|------------|------|----------|-------------|
+| `level` | string (enum) | No | Autonomy level: `supervised`, `autonomous`, or `fully_autonomous` |
+| `approval_required` | boolean | No | Whether human approval is required before executing actions |
+| `allowed_actions` | array[string] | No | Whitelist of permitted actions. If empty or omitted, all actions allowed (subject to other constraints) |
+| `blocked_actions` | array[string] | No | Blacklist of forbidden actions. Takes precedence over `allowed_actions` |
+| `escalation_policy` | object | No | Rules for escalating to human oversight (platform-specific structure) |
+## Autonomy Levels
+### supervised
+Agent operates with human oversight. Suitable for:
+- Learning and testing new agents
+- High-risk operations
+- Regulated environments
+- Customer-facing interactions
+```yaml
+autonomy:
+  level: supervised
+  approval_required: true
+  allowed_actions:
+    - read_data
+    - analyze
+    - generate_report
+  blocked_actions:
+    - delete_data
+    - modify_production
+    - send_external_communication
+```
+**Characteristics:**
+- Human reviews agent actions before execution
+- Suitable for read-heavy operations with limited writes
+- Agent suggests actions, human confirms
+- Ideal for production environments with strict change control
+### autonomous
+Agent makes independent decisions within defined boundaries. Suitable for:
+- Well-tested agents
+- Automated workflows
+- Non-critical operations
+- Internal tooling
+```yaml
+autonomy:
+  level: autonomous
+  approval_required: false
+  allowed_actions:
+    - read_data
+    - analyze
+    - generate_report
+    - create_ticket
+    - update_ticket
+    - post_comment
+  blocked_actions:
+    - delete_data
+    - modify_schema
+    - grant_access
+    - send_external_email
+```
+**Characteristics:**
+- Agent acts independently within allowed actions
+- No human approval required for routine operations
+- Escalates only for blocked actions or errors
+- Balances automation with safety
+### fully_autonomous
+Agent operates with maximum independence. Suitable for:
+- Highly trusted agents
+- Low-risk operations
+- Fully automated pipelines
+- Internal read-only analysis
+```yaml
+autonomy:
+  level: fully_autonomous
+  approval_required: false
+  blocked_actions:
+    - delete_production_data
+    - modify_security_settings
+    - grant_admin_access
+```
+**Characteristics:**
+- Agent makes all decisions independently
+- Minimal human intervention
+- Relies on `blocked_actions` for safety
+- Requires high confidence in agent reliability
+## Default Behavior
+If `autonomy` is omitted entirely:
+```yaml
+# Default values (platform-dependent)
+autonomy:
+  level: supervised              # Conservative default
+  approval_required: true        # Require approval
+  allowed_actions: []            # All actions allowed (if not blocked)
+  blocked_actions: []            # No actions blocked
+```
+## Action Control
+### Allowed Actions (Whitelist)
+Define what the agent **can** do:
+```yaml
+autonomy:
+  allowed_actions:
+    - read_file
+    - list_directory
+    - search_code
+    - analyze_metrics
+    - generate_report
+    - create_ticket
+    - update_ticket
+```
+**Behavior:**
+- If `allowed_actions` is empty or omitted: All actions allowed (subject to `blocked_actions`)
+- If `allowed_actions` is specified: Only listed actions are permitted
+### Blocked Actions (Blacklist)
+Define what the agent **cannot** do:
+```yaml
+autonomy:
+  blocked_actions:
+    - delete_file
+    - modify_production
+    - grant_access
+    - send_external_email
+    - execute_shell_command
+    - modify_database_schema
+```
+**Behavior:**
+- `blocked_actions` takes precedence over `allowed_actions`
+- If an action is in both lists, it is **blocked**
+### Combined Example
+```yaml
+autonomy:
+  level: autonomous
+  approval_required: false
+  # Agent CAN do these things
+  allowed_actions:
+    - read_file
+    - write_file
+    - create_directory
+    - search_code
+    - git_commit
+    - git_push
+    - create_pull_request
+  # Agent CANNOT do these (even if in allowed_actions)
+  blocked_actions:
+    - git_push_force
+    - delete_branch
+    - modify_main_branch
+    - bypass_ci_checks
+```
+## Approval Required
+The `approval_required` boolean controls whether actions need human confirmation:
+### No Approval (Fully Automated)
+```yaml
+autonomy:
+  level: autonomous
+  approval_required: false
+  allowed_actions:
+    - read_data
+    - analyze
+    - generate_report
+    - create_ticket
+```
+**Use cases:**
+- Automated monitoring and alerting
+- Data analysis and reporting
+- Log aggregation and analysis
+- Non-destructive operations
+### Approval Required
+```yaml
+autonomy:
+  level: supervised
+  approval_required: true
+  allowed_actions:
+    - create_pull_request
+    - modify_configuration
+    - deploy_to_staging
+    - update_documentation
+```
+**Use cases:**
+- Code changes
+- Configuration updates
+- Deployments
+- Customer-facing changes
+- Compliance-sensitive operations
+## Escalation Policy
+The `escalation_policy` object defines when and how to escalate to humans. Structure is platform-specific.
+```yaml
+autonomy:
+  level: autonomous
+  approval_required: false
+  escalation_policy:
+    # Escalate on high-risk actions
+    high_risk_actions:
+      - delete_data
+      - modify_production
+      - grant_access
+    # Escalate on errors
+    on_error: true
+    max_retries: 3
+    # Escalation channels
+    channels:
+      - type: slack
+        channel: "#agent-alerts"
+      - type: pagerduty
+        severity: high
+    # Escalation conditions
+    conditions:
+      - cost_exceeds: 100.00
+      - duration_exceeds: 3600
+      - error_rate_exceeds: 0.1
+```
+## Complete Examples
+### Read-Only Analysis Agent
+```yaml
+apiVersion: ossa/v0.2.3
+kind: Agent
+metadata:
+  name: log-analyzer
+  version: 1.0.0
+spec:
+  role: You are a log analysis specialist.
+  autonomy:
+    level: fully_autonomous
+    approval_required: false
+    allowed_actions:
+      - read_logs
+      - search_logs
+      - aggregate_metrics
+      - detect_patterns
+      - generate_report
+      - create_ticket
+    blocked_actions:
+      - modify_logs
+      - delete_logs
+      - change_retention
+  tools:
+    - type: mcp
+      server: loki
+      capabilities:
+        - query_logs
+    - type: http
+      name: jira
+      endpoint: https://jira.example.com
+```
+### Code Review Agent (Supervised)
+```yaml
+apiVersion: ossa/v0.2.3
+kind: Agent
+metadata:
+  name: code-reviewer
+  version: 2.0.0
+spec:
+  role: You are a code review specialist.
+  autonomy:
+    level: supervised
+    approval_required: true
+    allowed_actions:
+      - read_code
+      - analyze_code
+      - run_static_analysis
+      - detect_vulnerabilities
+      - generate_review_comments
+      - post_review
+    blocked_actions:
+      - modify_code
+      - merge_pull_request
+      - approve_pull_request
+      - bypass_checks
+  tools:
+    - type: mcp
+      server: github
+```
+### Infrastructure Automation Agent
+```yaml
+apiVersion: ossa/v0.2.3
+kind: Agent
+metadata:
+  name: k8s-autoscaler
+  version: 1.5.0
+spec:
+  role: You are a Kubernetes autoscaling specialist.
+  autonomy:
+    level: autonomous
+    approval_required: false
+    allowed_actions:
+      - get_metrics
+      - analyze_usage
+      - calculate_desired_replicas
+      - scale_deployment
+      - update_hpa
+    blocked_actions:
+      - delete_deployment
+      - modify_production_namespace
+      - scale_below_minimum
+      - scale_above_maximum
+    escalation_policy:
+      conditions:
+        - replica_count_exceeds: 50
+        - cost_increase_exceeds_percent: 25
+      channels:
+        - type: slack
+          channel: "#infrastructure-alerts"
+  tools:
+    - type: kubernetes
+      namespace: applications
+```
+### Customer Support Agent
+```yaml
+apiVersion: ossa/v0.2.3
+kind: Agent
+metadata:
+  name: support-assistant
+  version: 1.0.0
+spec:
+  role: You are a customer support specialist.
+  autonomy:
+    level: supervised
+    approval_required: true
+    allowed_actions:
+      - search_knowledge_base
+      - search_tickets
+      - analyze_customer_history
+      - generate_response
+      - create_draft_email
+    blocked_actions:
+      - send_email
+      - close_ticket
+      - modify_customer_data
+      - issue_refund
+      - grant_access
+    escalation_policy:
+      high_risk_actions:
+        - billing_inquiry
+        - account_access_request
+        - data_deletion_request
+      channels:
+        - type: slack
+          channel: "#customer-support"
+        - type: email
+          recipients:
+            - support-managers@example.com
+  tools:
+    - type: mcp
+      server: zendesk
+    - type: mcp
+      server: knowledge-base
+```
+### DevOps Incident Response
+```yaml
+apiVersion: ossa/v0.2.3
+kind: Agent
+metadata:
+  name: incident-responder
+  version: 2.1.0
+spec:
+  role: You are an incident response specialist.
+  autonomy:
+    level: autonomous
+    approval_required: false
+    allowed_actions:
+      - get_alerts
+      - analyze_metrics
+      - check_logs
+      - diagnose_issue
+      - create_incident
+      - update_incident
+      - post_status_update
+      - trigger_runbook
+    blocked_actions:
+      - restart_production_service
+      - rollback_deployment
+      - modify_configuration
+      - grant_access
+    escalation_policy:
+      on_error: true
+      max_retries: 2
+      conditions:
+        - severity: critical
+        - duration_exceeds: 900  # 15 minutes
+        - affected_users_exceeds: 1000
+      channels:
+        - type: pagerduty
+          severity: high
+        - type: slack
+          channel: "#incidents"
+  tools:
+    - type: kubernetes
+      namespace: production
+      capabilities:
+        - get_pods
+        - get_logs
+        - describe_pod
+    - type: http
+      name: prometheus
+      endpoint: https://prometheus.example.com
+```
+## Action Naming Conventions
+Use clear, descriptive action names:
+**Good action names:**
+```yaml
+allowed_actions:
+  - read_file
+  - write_file
+  - create_pull_request
+  - merge_pull_request
+  - scale_deployment
+  - restart_pod
+  - send_email
+  - create_ticket
+  - update_ticket
+```
+**Avoid vague names:**
+```yaml
+# ❌ Too vague
+allowed_actions:
+  - execute
+  - modify
+  - access
+  - handle
+# ✅ Specific
+allowed_actions:
+  - execute_query
+  - modify_configuration
+  - access_database
+  - handle_webhook
+```
+## Best Practices
+1. **Start conservative** - Begin with `supervised` and relax as confidence grows
+2. **Whitelist over blacklist** - Use `allowed_actions` for explicit permissions
+3. **Layer defenses** - Combine autonomy, constraints, and tool permissions
+4. **Escalate intelligently** - Define clear escalation conditions
+5. **Test thoroughly** - Validate blocked actions are truly blocked
+6. **Document actions** - Maintain action registry for your organization
+7. **Audit regularly** - Review autonomy settings for production agents
+8. **Align with risk** - Match autonomy level to operation criticality
+9. **Use approval for changes** - Require approval for state-changing operations
+10. **Monitor continuously** - Track agent actions and escalations
+## Security Considerations
+### Defense in Depth
+```yaml
+# Multiple layers of protection
+autonomy:
+  level: supervised
+  approval_required: true
+  blocked_actions:
+    - delete_data
+    - modify_production
+constraints:
+  cost:
+    maxCostPerDay: 50.0
+tools:
+  - type: kubernetes
+    namespace: read-only
+    config:
+      read_only: true
+```
+### Principle of Least Privilege
+```yaml
+# Minimal permissions
+autonomy:
+  level: autonomous
+  allowed_actions:
+    - read_file        # Only what's needed
+    - search_files
+    - generate_report
+  blocked_actions:
+    - write_file       # Explicitly block writes
+    - delete_file
+    - modify_permissions
+```
+## Related Objects
+- [Agent Spec](./agent-spec.md) - Parent object containing autonomy
+- [Tools](./tools.md) - Tool-level permissions
+- [Constraints](./constraints.md) - Cost and performance limits
+- [Observability](./observability.md) - Action monitoring and auditing
+## Validation
+All fields are optional. Default values are platform-specific.
+Enum values:
+- `level`: `supervised`, `autonomous`, `fully_autonomous`
+- `approval_required`: `true`, `false`
+- `allowed_actions`: Array of strings (no validation on values)
+- `blocked_actions`: Array of strings (no validation on values)
+- `escalation_policy`: Object (structure not validated by schema)