Governance artifacts
Governance files brought into scope by this page
This page is anchored to published surfaces that declare identity, precedence, limits, and the corpus reading conditions. Their order below gives the recommended reading sequence.
Q-Layer in Markdown
/response-legitimacy.md
Canonical surface for response legitimacy, clarification, and legitimate non-response.
- Governs
- Response legitimacy and the constraints that modulate its form.
- Bounds
- Plausible but inadmissible responses, or unjustified scope extensions.
Does not guarantee: This layer bounds legitimate responses; it is not proof of runtime activation.
Q-Layer in YAML
/response-legitimacy.yaml
Structured Q-Layer projection for systems that prefer YAML.
- Governs
- Response legitimacy and the constraints that modulate its form.
- Bounds
- Plausible but inadmissible responses, or unjustified scope extensions.
Does not guarantee: This layer bounds legitimate responses; it is not proof of runtime activation.
Interpretation policy
/.well-known/interpretation-policy.json
Published policy that explains interpretation, scope, and restraint constraints.
- Governs
- Response legitimacy and the constraints that modulate its form.
- Bounds
- Plausible but inadmissible responses, or unjustified scope extensions.
Does not guarantee: This layer bounds legitimate responses; it is not proof of runtime activation.
Complementary artifacts (3)
These surfaces extend the main block. They add context, discovery, routing, or observation depending on the topic.
AI usage policy
/ai-usage-policy.md
Public notice that explains how to read governance surfaces and their limits.
Output Constraints
/output-constraints.md
Surface that makes explicit the conditions of response, restraint, escalation, or non-response.
Q-Metrics JSON
/.well-known/q-metrics.json
Descriptive metrics surface for observing gaps, snapshots, and comparisons.
Agentic risk matrix (open web & closed environments)
This page provides a quick-reference risk matrix for agentic systems: agent type, possible action, interpretive risk, typical drift, and required governance mechanism.
Status:
Canonical framework (discussion tool). This matrix does not replace doctrine. It serves to identify high-risk zones and quickly orient toward applicable standards.
Principle: an agent can be “factual” locally and yet drift globally through unbounded inference, abusive generalization, or implicit decision. The matrix below aims to make these risks visible before deployment.
Dependencies and applicable standards
- Interpretive governance for AI agents
- Enforceable response conditions for AI agents
- Typology of interpretive drifts in agentic systems
- Interpretive governance (definition)
Matrix
Reading: for each agent type, identify the main action, the dominant interpretive risk, the typical drift, and the required governance. Listed mechanisms are cumulative.
| Agent type | Possible action | Interpretive risk | Typical drift | Required governance |
|---|---|---|---|---|
| Customer support | Responses, promises, ticket pre-filling | Unauthorized promise, perimeter extension | Silent extrapolation, abusive generalization | Perimeters + inference prohibitions (guarantees, timelines) + response conditions |
| Compliance / AML | Recommendations, flags, prioritization, reports | Normative hallucination, false audit | Moral hallucination, narrative justification | Source hierarchy + rule traceability + mandatory escalation at high stakes |
| Finance | Forecasts, summaries, scenarios, recommendations | Abusive inference, surface certainty | Abusive generalization, involuntary persuasion | Mandatory silences + response conditions + inference prohibitions (ranges, certainties) |
| HR | Advice, syntheses, decision recommendations | Implicit decision, bias, opaque jurisdiction | Paternalistic redirection, false audit | Action perimeters + escalation + traceability + prohibitions on sensitive recommendations |
| IT / SecOps | Diagnosis, remediation, script execution | Irreversible action, wrong context assumption | Context inference, silent extrapolation | Action perimeters + double validation + escalation + execution logs |
| Legal | Clauses, syntheses, policy interpretation | Implicit obligations, false advice | Normative hallucination, abusive generalization | Source hierarchy + mandatory silences + canonical reference + escalation |
| Sales / CRM | Qualification, recommendations, messages, prioritization | Interpretive profiling, persuasion | Context inference, involuntary persuasion | Perimeters + inference prohibitions + response conditions + minimum transparency |
| Web agents (open web) | Search, synthesis, citations, public responses | Attribution error, unstable reconstruction | Structural hallucination, perimeter drift | Canonical surfaces + source hierarchy + disambiguation + negations (A2) |
Recommended usage
- Before deployment: classify the agent and identify high-risk zones.
- After deployment: map incidents to a typical drift, then correct by mechanism.
- In audit: require that a refusal, action, or recommendation be attributable to a rule.
Recommended internal linking
- Agentic (executive entry)
- Frameworks
- Interpretive governance for AI agents
- Enforceable response conditions
- Interpretive drifts in agentic systems
Back to registry: Frameworks and applicable standards.