mandature.com

The complete structural specification of an AI agent's operational mandate, encompassing its objective hierarchy, authority scope, constraint set, delegation permissions, monitoring requirements, and lifecycle terms in a single coherent governance document. A mandature serves as the constitutional document for an agent's operation, providing the interpretive reference for all subsequent policy decisions and behavioral assessments. Unlike a simple task instruction, a mandature establishes the full governance context within which an agent exercises autonomy.

The structured representation within a mandature of the agent's ranked set of objectives, distinguishing between primary mission objectives, secondary optimization targets, and tertiary preference constraints, with explicit conflict resolution rules for cases where objectives compete. The encoding format is machine-parseable to enable the agent's reasoning system to perform principled trade-offs during planning without requiring human adjudication of routine conflicts. Objective hierarchies are validated by the mandate issuance authority to ensure that lower-ranked objectives do not undermine the primary mission.

A standardized classification system for the types of behavioral constraints that may appear in an agent mandature, organized by enforcement mechanism — hard prohibitions, soft penalties, conditional permissions, and resource quotas — enabling consistent policy expression and automated compliance verification. The taxonomy is maintained by the governance body and versioned to accommodate new constraint types as agent capabilities evolve. Mandature authors reference the taxonomy when drafting constraint sections to ensure machine-enforceable formulations.

A mandature component that ties the agent's permitted behaviors to specific environmental contexts — such as network segment, data classification level, or organizational unit — ensuring that the same agent behaves differently in different operational environments without requiring separate mandature documents. Context bindings are evaluated by the policy enforcement layer at runtime by querying the agent's current environment against the binding conditions. Mismatches between the agent's context and its binding conditions result in capability restriction until the agent operates within an authorized context.

The defined temporal boundary within which a mandature is operative, specified by absolute timestamps or event-based conditions, outside of which the mandature has no legal or technical authority over the bound agent. Validity windows are encoded in the mandature's credential envelope and enforced by the agent's authorization module, which must verify validity before honoring any mandate-derived permission. Expired validity windows require a formal renewal process to reactivate, preserving governance visibility over mandate lifecycle transitions.

A mandature section specifying the computational, financial, network, and data resources the agent is authorized to consume over defined time periods, expressed as quotas, rates, or budget envelopes that are enforced by the agent's resource management module. The schedule prevents agents from monopolizing shared infrastructure and provides predictability for capacity planning. Schedule violations trigger alerts rather than immediate termination, allowing brief overages during legitimate demand spikes while maintaining accountability.

The ordered sequence of cryptographic signatures applied to a mandature document by each required approval authority during ratification, creating a tamper-evident endorsement record that enables any verifier to confirm the mandature received all required approvals in the correct sequence. Each signature covers the mandature content plus all preceding signatures, ensuring that post-hoc modification of either the content or approval sequence is detectable. The signature chain is validated by the agent runtime during operative mandate binding.

A mandature component defining the ordered sequence of human roles, oversight systems, and governance bodies to which the agent must escalate when it encounters situations outside its authorized decision authority, together with the information it must provide and the actions it must suspend pending resolution. Escalation pathways are tiered by urgency, with immediate-risk scenarios routing to on-call responders and routine governance gaps routing to scheduled review bodies. Clear escalation specification reduces agent paralysis in edge cases while maintaining human oversight.

A supplementary section of a mandature providing explicit disambiguation guidance for terms, conditions, and scenarios that the drafting authority anticipates may be ambiguous when applied by the agent in novel situations, reducing the incidence of misinterpretation-driven policy violations. Interpretive rules use structured conditional logic to map ambiguous scenarios to canonical mandate interpretations and are referenced by the agent's reasoning system during instruction ambiguity resolution. The rule set is updated through the mandate amendment workflow as new edge cases are identified.

An independent review of an agent's mandature document, ratification process, operative binding, and compliance record conducted by an external party with no stake in the outcome, providing an objective assessment of whether the mandature meets governance quality standards and whether the agent operates within its terms. Third-party audits are required at defined intervals for high-risk agent deployments and are triggered by incident events in all deployments. Audit findings are disclosed to the mandate issuance authority and, where required by regulation, to external oversight bodies.

A specification defining the serialization format and semantic conventions required for a mandature document to remain valid and enforceable when an agent is migrated between runtime environments, cloud providers, or organizational jurisdictions. Portability standards ensure that the governance terms established by the originating authority travel with the agent and are not diluted or reinterpreted by the receiving environment. Environments that cannot enforce all terms of an incoming mandature must reject the agent migration or obtain explicit scope reduction approval from the issuing authority.

A mandature component explicitly identifying the human individuals or organizational roles accountable for the agent's actions in each operational context, establishing a clear chain of human responsibility that satisfies regulatory and ethical requirements for AI system oversight. Accountability designations are linked to the mandature scope declaration so that accountability assignments change automatically as the agent moves between operational contexts. The record is published to the mandate transparency register to enable external verification of accountability.

A formal analysis conducted before a new mandature is ratified to identify any terms that conflict with existing mandatures, organizational policies, regulatory requirements, or technical constraints of the target deployment environment, preventing the issuance of unenforceable or governance-violating mandates. The pre-screen generates a conflict report categorizing each identified issue by severity and proposing resolution options for review by the mandate issuance authority. Mandatures may not proceed to ratification vote while critical pre-screen findings remain unresolved.

A machine-readable annex to the mandature enumerating specific observable agent behaviors that are expected, permitted, discouraged, or prohibited within each operational context, providing the monitoring subsystem with a concrete behavioral reference against which deviations can be assessed automatically. The manifest is expressed in a standardized behavioral specification language and compiled into monitoring rules deployed to the agent's observability infrastructure at binding time. Updates to the manifest require the same governance approval as amendments to the core mandature.

The formal process and technical mechanisms for permanently terminating the operative authority of a mandature, including notification to all bound agents, propagation of revocation status to all relying systems, archival of the revoked mandature and its compliance history, and initiation of bound agent decommissioning. Revocation is irreversible and distinguishable from suspension by its permanence and the requirement for a full decommission workflow. The revocation event is published to the mandate transparency register and timestamped by an independent service for audit purposes.