
Definition

Action legitimacy

Action legitimacy defines the conditions under which an agentic action can be executed, deferred, escalated, or refused without abusive inference.

Collection: Definition
Type: Definition
Version: 1.0
Stabilization: 2026-05-31
Published: 2026-05-31
Updated: 2026-05-31

Evidence layer

Probative surfaces brought into scope by this page

This page does more than point to governance files. It is also anchored to surfaces that make observation, traceability, fidelity, and audit more reconstructible. Their order below makes the minimal evidence chain explicit.

  1. Response authorization: Q-Layer: response legitimacy
  2. Evidence artifact: output-constraints.md
  3. Evidence artifact: negative-definitions.md
  4. Evidence artifact: ai-governance.json

Legitimacy layer #01

Q-Layer: response legitimacy

/response-legitimacy.md

Surface that explains when to answer, when to suspend, and when to switch to legitimate non-response.

Makes provable
The legitimacy regime to apply before treating an output as receivable.
Does not prove
Neither that a given response actually followed this regime nor that an agent applied it at runtime.
Use when
When a page deals with authority, non-response, execution, or restraint.
Artifact #02

output-constraints.md

/output-constraints.md

Published surface that contributes to making an evidence chain more reconstructible.

Makes provable
Part of the observation, trace, audit, or fidelity chain.
Does not prove
Neither total proof, obedience guarantee, nor implicit certification.
Use when
When a page needs to make its evidence regime explicit.
Artifact #03

negative-definitions.md

/negative-definitions.md

Published surface that contributes to making an evidence chain more reconstructible.

Makes provable
Part of the observation, trace, audit, or fidelity chain.
Does not prove
Neither total proof, obedience guarantee, nor implicit certification.
Use when
When a page needs to make its evidence regime explicit.
Artifact #04

ai-governance.json

/.well-known/ai-governance.json

Published surface that contributes to making an evidence chain more reconstructible.

Makes provable
Part of the observation, trace, audit, or fidelity chain.
Does not prove
Neither total proof, obedience guarantee, nor implicit certification.
Use when
When a page needs to make its evidence regime explicit.

Short definition

Action legitimacy defines the minimum conditions under which an action proposed or executed by an AI agent can be performed without abusive inference. It does not merely ask whether the action is technically possible. It asks whether the action is authorized by the published context, sufficiently defined, properly bounded, proportionate to the intent, and connected to an understandable consequence.

The concept extends answer legitimacy. An answer may be legitimate while the corresponding action is not. Explaining a service, summarizing a page, or proposing a next step does not automatically authorize form submission, purchase, booking, record modification, message sending, or commitment creation.

Why this concept becomes necessary

The agentic web brings outputs closer to action. As long as a system only answers, the main risk is misrepresentation. Once it acts, the risk also becomes transactional: wrong target, wrong form, wrong state, wrong authority, wrong consequence, or irreversible action without confirmation.

Action legitimacy prevents a common error: confusing capability, intent, and permission.

An agent may be able to click. The user may want to proceed. The site may display a button. None of these elements is sufficient on its own to establish that the action is legitimate.

Minimum conditions

An agentic action should pass several checks before being considered legitimate:

  1. Intent: the user’s objective is sufficiently clear.
  2. Target: the interface element is correctly identified.
  3. State: the agent knows the state of the page, form, or journey.
  4. Authority: the source or interface has the right to propose this action in this context.
  5. Scope: the action does not exceed what the site explicitly publishes or allows.
  6. Consequence: the expected result is understandable before execution.
  7. Confirmation: a sensitive step can be confirmed, cancelled, or escalated.
  8. Trace: the action or non-action can be explained afterwards.

When one of these checks is missing, the action should be downgraded: clarification, abstention, simulation, human recommendation, or legitimate non-response.
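
The eight checks and the downgrade rule above, sketched as a fail-closed gate that records capability signals but never decides on them. This is an added example, not code from this page or its published artifacts; the mapping from each missing check to a downgrade, the strictness order, and the action names are assumptions.

```python
from dataclasses import dataclass, field

# The eight checks, in the order the page lists them.
CHECKS = ("intent", "target", "state", "authority",
          "scope", "consequence", "confirmation", "trace")

# ASSUMPTION (not from the page): the downgrade each missing check maps to.
DOWNGRADE = {
    "intent": "clarification", "target": "clarification",
    "state": "simulation", "consequence": "human recommendation",
    "confirmation": "human recommendation", "trace": "abstention",
    "scope": "abstention", "authority": "legitimate non-response",
}
# ASSUMPTION: least to most restrictive; the strictest applicable one wins.
SEVERITY = ["clarification", "simulation", "human recommendation",
            "abstention", "legitimate non-response"]

@dataclass
class ProposedAction:
    name: str
    sensitive: bool                               # needs explicit confirmation
    evidence: dict = field(default_factory=dict)  # check name -> True if established
    # Capability signals: kept for the trace, never consulted by the decision.
    button_present: bool = False
    tool_available: bool = False

def evaluate(action: ProposedAction) -> dict:
    """Decide execute vs. downgrade and return a record that explains why."""
    failed = []
    for check in CHECKS:
        if check == "confirmation" and not action.sensitive:
            continue  # only sensitive steps require confirmation
        if action.evidence.get(check) is not True:
            failed.append(check)  # fail closed: absent evidence is a missing check
    decision = "execute" if not failed else max(
        (DOWNGRADE[c] for c in failed), key=SEVERITY.index)
    return {"action": action.name, "decision": decision, "failed": failed,
            "signals_ignored": {"button_present": action.button_present,
                                "tool_available": action.tool_available}}

# Constructed sample inputs (hypothetical action names).
ALL_MET = {c: True for c in CHECKS}
confirmed = ProposedAction("submit_diagnostic_form", True, dict(ALL_MET))
unconfirmed = ProposedAction("submit_diagnostic_form", True,
                             {**ALL_MET, "confirmation": False}, True, True)
button_only = ProposedAction("purchase", True, {}, True, True)

if __name__ == "__main__":
    for a in (confirmed, unconfirmed, button_only):
        print(evaluate(a))
```

The returned record doubles as the trace: it lists which checks failed and which capability signals were present but ignored.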

Difference from answer legitimacy

Answer legitimacy governs the act of producing an output. Action legitimacy governs the transition from output to execution.

An output may say: “this form is used to request a diagnostic.” That answer may be legitimate if grounded in a published page. But the action “submit this form on behalf of the user” requires additional conditions: accurate data, consent, correctly identified fields, validation state, announced consequence, and no scope overreach.

What action legitimacy prohibits

It prohibits, among other things:

  • inferring permission from the mere presence of a button;
  • treating a form as an automatic mandate;
  • converting an informational page into a contractual offer;
  • submitting a sensitive action without confirmation;
  • treating an available tool as sufficient authority;
  • crossing an execution boundary merely because the action seems plausible.

Governance rule

Action legitimacy must be strict. When an agent hesitates between acting, asking, escalating, or abstaining, the right rule is not to optimize for fluency. It is to protect the authority chain.

A site ready for agentic action is therefore not one that makes everything executable. It is one that makes clear what can be done, what cannot be done, what requires confirmation, and what must remain outside scope.