EdictumAgency Control
How Edictum maps documented agent profiles to executable runtime boundaries.
Right page if: you need the product framing for Edictum as an agency control layer, or you need to map an agent profile to Workflow Gates, rulesets, adapters, and behavioral conformance metrics. Wrong page if: you only need installation commands -- see https://docs.edictum.ai/docs/quickstart. Gotcha: Edictum measures behavioral conformance to a declared profile. It does not replace output-quality evals for accuracy, relevance, coherence, or answer quality.
Edictum is the agency control layer for production AI agents. Agent frameworks build the agent. Edictum bounds the agency.
Edictum makes profile membership executable. The agent cannot operate outside the profile it was assigned.
Agency Levels
An agent profile starts by naming the level of agency the agent is supposed to have.
| Level | What the agent can do | Runtime boundary |
|---|---|---|
| Low Agency | Inspect approved context, summarize, search, or answer without changing state | Read-only tools, tight data scopes, low session limits, audit-only process evidence |
| Medium Agency | Execute bounded work inside a declared workflow | Read/write tools inside sandbox boundaries, stage evidence, approvals for critical transitions |
| High Agency | Operate across broad systems with material side effects | Strong sandboxing, explicit approval points, terminal stages, stricter session limits, audit review |
Edictum is not only a Medium Agency tool. Edictum makes any agency level defensible. Medium Agency is the enterprise demand center right now because teams want agents that can do useful production work without giving them open-ended autonomy.
Data Operations
Profiles should also declare what kind of data operations the agent can perform.
| Operation shape | Meaning | Typical Edictum boundary |
|---|---|---|
| Read-only | The agent can inspect approved data but cannot mutate systems | Rulesets allow read tools, block write tools, and sandbox paths, commands, or domains |
| Write-only | The agent can submit bounded writes without reading broad context | Workflow Gates require evidence from trusted inputs, rulesets restrict write targets and payload shape |
| Read/write | The agent can read context and then change state | Workflow Gates enforce read-before-write, rulesets limit both read scope and write scope |
Read/write agents need the strongest process checks because the agent can use retrieved information to decide what to change. That is where Workflow Gates matter most.
From Profile To Runtime
A documented profile becomes executable when each profile claim maps to an enforcement point.
| Profile claim | Runtime boundary |
|---|---|
| The agent is Low, Medium, or High Agency | Tool availability, session limits, Workflow Gates, and approval requirements |
| The agent may read only approved sources | Sandbox rules for paths, commands, domains, and data tools |
| The agent may write only within a scope | Pre-execution checks and sandbox boundaries for write tools |
| The agent must inspect evidence before changing state | Workflow Gate entry or exit conditions such as file_read(...) and command_matches(...) |
| A human must approve critical transitions | Workflow Gate approval blocks or action: ask rules |
| The behavior must be auditable | Audit events, workflow snapshots, and observed ruleset events |
This is the enterprise line: Edictum turns documented agent profiles into executable runtime boundaries.
Rulesets And Workflow Gates
Rulesets and Workflow Gates enforce different parts of the same profile.
Rulesets enforce single tool-call boundaries:
- Is this tool allowed for this principal?
- Is this file path, command, domain, query, or payload inside the declared boundary?
- Has this session exceeded a tool-call or attempt limit?
- Should this output warn, redact, or block?
Workflow Gates enforce ordered process with evidence:
- Has the agent read the required source before writing?
- Has the agent produced command evidence before advancing stages?
- Has a human approved a critical transition?
- Has the session reached a terminal stage where more action should stop?
Rulesets answer whether one call is in bounds. Workflow Gates answer whether the agent is allowed to be at this point in the process.
Behavioral Conformance
Edictum measures behavioral conformance to the declared profile.
Useful metrics include:
- allowed vs blocked tool-call rate by ruleset version
- observed would-block rate before switching a ruleset to enforce mode
- stage completion rate by Workflow Gate
- blocked stage advances caused by missing evidence
- approval request, approval grant, and approval timeout rate
- session attempt-to-execution ratio for retry loops
- ruleset, workflow, principal, and adapter version tied to each audit event
These metrics show whether the agent stayed inside its profile. They also show where the profile is too loose, too strict, or missing evidence.
What Edictum Does Not Measure
Edictum does not replace output-quality evals.
It does not measure:
- accuracy
- correctness
- relevance
- coherence
- answer quality
- task success
- user satisfaction
Use Edictum for runtime enforcement and behavioral conformance. Use output-quality evals to judge the quality of what the model says or produces.
Example Profile
profile:
name: support-refund-agent
agency: medium
data_operations: read_write
boundaries:
reads:
- customer_case
- order_status
writes:
- refund_request
required_process:
- read_case_before_refund
- evidence_before_stage_advance
- approval_before_refund_over_250The profile becomes executable through:
- a ruleset that allows only approved read and write tools
- sandbox rules that restrict data sources and mutation targets
- a Workflow Gate that requires case evidence before refund creation
- an approval boundary before high-value refunds
- audit events that record conformance for every session
Related
Last updated on