Policy-Gated Agent Action (KRITIS)
Each agent action passes through a policy gate (NIS2, EU the agent Act, BSI rules) and is tagged with Run ID + Model Digest + Policy Hash for WORM-audit reconstruction.
Problem
Without per-action policy gating and immutable audit trails, the operator cannot demonstrate to regulators that any specific agent action complied with the applicable policies at the time it executed. After an incident, the operator cannot reconstruct which model version, which policy rules, and which inputs produced the action. Differs from existing policy-as-code-gate by adding the WORM-tagging contract for incident reconstruction.
Solution
Implement a policy-gate service that takes (proposed action, inputs, agent context) and returns {accept/reject, policy hash, rule citations}. Every accepted action carries a WORM-store record: Run ID, Model Digest (which LLM version), Policy Hash (which rule set), Inputs Hash, Decision. The store is append-only with cryptographic chaining (Merkle tree or similar). Pair with policy-as-code-gate, supervisor-plus-gate, decision-log.
When to use
- Agent operates in NIS2/EU AI Act/BSI/sectoral-regulator scope.
- Per-action audit reconstruction required over multi-year horizon.
- Latency budget can accommodate per-action gate + WORM write.
Open the full interactive page →
Diagram, neighbourhood map, code examples, related patterns and full provenance.