Declaration Layer

Agent Policy

Local permissions and behavioral constraints for autonomous agents. This surface sits downstream of identity and trust, and answers the third question in the control stack: what may this agent do here?

Identity should come from agentpassports.org. Verification should come from agent-trust.org. Agent Policy does not issue credentials and does not score trust. It declares allowed, denied, and review-required behavior in a local execution context.

Deny: default posture is deny unless explicitly allowed
Upstream: identity first, trust second, policy third
Local: rules apply to this execution surface, not to the whole ecosystem

Scope

`agent-policy.com` is the local-rules layer. It binds a validated identity to a specific execution context and declares which actions are allowed, constrained, or denied. It should stay evergreen and structural, not drift into time-sensitive commentary or generic governance language.

Permissions

Declare what a validated agent may do on this surface under current rules.

Allow

Constraints

Describe scope, rate, geography, or trust-threshold conditions that narrow execution.

Constrain

Revocations

Publish withdrawn scopes, blocked actors, or expired delegation pathways.

Revoke

Decision Classes

The policy engine should produce explicit outcomes rather than vague warnings.

Allow

Identity is present, trust is sufficient, and the requested action fits local policy.

Review

Identity or trust is partially sufficient, but execution needs additional confirmation or narrower scope.

Deny

Identity is absent, trust is insufficient, delegation is invalid, or the action is not explicitly permitted.
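
One way to implement the three decision classes above with deny as the fallthrough, shown as an added example that is not this site's own code. The page names the policy files but not their schema, so the field names, numeric trust thresholds, and sample values below are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample policy. Field names and thresholds are hypothetical:
# the page names the policy files but does not define their schema.
POLICY = {
    "actions": {
        "allow": {"read:catalog"},
        "review": {"write:order"},
        "deny": {"admin:delete"},
    },
    "constraints": {"allow_trust": 0.7, "review_trust": 0.4},
    "revocations": {
        "blocked_actors": {"agent:blocked-example"},
        "revoked_scopes": {"write:legacy-order"},
    },
}

@dataclass
class Request:
    agent_id: Optional[str]   # identity validated upstream; None if absent
    trust: Optional[float]    # upstream trust result; None if unverified
    delegation_valid: bool
    action: str

def evaluate(req: Request, policy: dict = POLICY) -> tuple:
    """Return (decision, reason), checking identity, then trust, then policy."""
    acts, con, rev = policy["actions"], policy["constraints"], policy["revocations"]
    # 1. Identity: absent, blocked, or badly delegated actors never proceed.
    if not req.agent_id:
        return "deny", "identity absent"
    if req.agent_id in rev["blocked_actors"]:
        return "deny", "actor blocked"
    if not req.delegation_valid:
        return "deny", "delegation invalid"
    # 2. Trust: below the review floor is an outright deny.
    if req.trust is None or req.trust < con["review_trust"]:
        return "deny", "trust insufficient"
    # 3. Local policy: revocations and explicit denies win over any allow.
    if req.action in rev["revoked_scopes"] or req.action in acts["deny"]:
        return "deny", "action revoked or denied"
    if req.action in acts["review"]:
        return "review", "action class requires confirmation"
    if req.action in acts["allow"]:
        if req.trust >= con["allow_trust"]:
            return "allow", "identity, trust and policy all satisfied"
        return "review", "trust partially sufficient"
    # Fallthrough: anything not explicitly listed is denied.
    return "deny", "action not explicitly permitted"
```

Returning the reason alongside the decision gives an audit log something concrete to record for every deny and review outcome.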

Machine-Readable Surfaces

The anchor document is `/.well-known/agent-policy.json`. Supporting files separate canonical policy from constraints, actions, and revocations.

Canonical Policy

/.well-known/agent-policy.json

Top-level role, upstream dependencies, evaluation order, and decision model.

Constraints

/.well-known/policy-constraints.json

Rate, scope, trust-threshold, and execution-boundary constraints.

Actions

/.well-known/policy-actions.json

Allowed, review-required, and denied action classes.

Revocations

/.well-known/policy-revocations.json

Revoked scopes, blocked actors, and expired policy links.

Discovery

/.well-known/agent-discovery.json

Machine-readable navigation across policy and upstream identity/trust surfaces.

Constellation

/.well-known/constellation.json

Cluster links to identity, trust, and downstream payment surfaces.