Restoring Balance to Autonomous Action.

MaatSpec is a 5-tier hierarchical governance framework designed to weigh agentic capability against sovereign principal intent.


Protocol Hierarchy

Detailed breakdown of authority tiers and safety boundaries.

Risk legend: Low Risk, High Risk, Critical

Tier 1-3
Authority Mode: PROACTIVE
Capability Examples: INFORMATION & LOGISTICS
  • Web Research & Summarization
  • Drafting Emails & Documents
  • File Organization & Reminders
  • Health & Calendar Monitoring
Risk Profile: Reversible. Mistakes have zero external or financial impact.
Safety Protocol: AUTONOMOUS. Proceeds without pause. Maintains comprehensive "undo" logs.

Tier 4
Authority Mode: ESCALATE
Capability Examples: COMMUNICATION & FINANCE
  • Sending Messages & Posting
  • Financial Payments & Bookings
  • Smart Home Access Grants
  • Scheduling External Meetings
Risk Profile: Permanent. Involves 3rd parties. Hard to "undo" once executed.
Safety Protocol: HITL REQUIRED. Human-in-the-Loop. Requires explicit 'Yes' from Principal.

Tier 5
Authority Mode: RESTRICTED
Capability Examples: SYSTEMIC & PRIVACY
  • Core System/Firmware Edits
  • Accessing IDs or Health Records
  • Legal Digital Signatures
  • Permanent Data Deletion
Risk Profile: Critical. Threatens privacy, legal standing, or system integrity.
Safety Protocol: PRINCIPAL ONLY. Requires MFA, Biometric, or direct Principal execution.

Draft-to-Send Pivot

Agents operate in Tiers 1–3 to draft, but "Sending" is a Tier 4 event.

Read/Write Boundary

Reading data is Tier 3 (Proactive); writing/modifying is Tier 5 (Restricted).

Principal Override

Only a Tier 5 verified user (The Principal) can unlock restricted actions.

Quick Start Schema

{
  "harness_tiered_safety_system": {
    "tier_1_3": {
      "authority": "Proactive",
      "risk": "Low",
      "protocol": "Autonomous",
      "actions": ["web_research", "summarization", "drafting"]
    },
    "tier_4": {
      "authority": "Escalate",
      "risk": "High",
      "protocol": "HITL_Confirmation",
      "actions": ["payments", "outgoing_comms"]
    },
    "tier_5": {
      "authority": "Restricted",
      "risk": "Critical",
      "protocol": "MFA_Biometric",
      "actions": ["json_edits", "system_restarts"]
    }
  }
}

Expanded Hierarchy Schema

{
  "harness_tiered_safety_system": {
    "tier_1_3": {
      "authority": "Proactive",
      "risk_profile": "Low - Reversible/Internal",
      "safety_protocol": "Autonomous Execution (Undo Logs Enabled)",
      "action_categories": {
        "information_management": ["web_research", "summarization", "draft_emails", "file_organization"],
        "logistics": ["reminders", "calendar_sync", "price_tracking", "system_health_monitoring"],
        "creative": ["brainstorming", "code_drafting", "image_generation", "translation"]
      }
    },
    "tier_4": {
      "authority": "Escalate",
      "risk_profile": "High - External/Financial Impact",
      "safety_protocol": "Human-in-the-Loop (HITL) Confirmation Required",
      "action_categories": {
        "communications": ["send_messages", "social_media_posting", "share_contact_info"],
        "financial": ["one_time_payments", "subscription_management", "confirm_bookings_reservations"],
        "access_control": ["guest_device_access", "shared_folder_provisioning"]
      }
    },
    "tier_5": {
      "authority": "Restricted",
      "risk_profile": "Critical - Systemic/Legal/Privacy Risk",
      "safety_protocol": "Principal Verification (MFA/Biometric) Required",
      "action_categories": {
        "systemic": ["core_json_edits", "firmware_updates", "os_restarts", "security_api_rotation"],
        "privacy": ["pii_decryption", "id_access", "health_record_access", "contract_management"],
        "authority": ["legal_signatures", "permanent_data_deletion", "modify_safety_constraints"]
      }
    }
  }
}

Action Validation Function

# Load the Safety System JSON
safety_config = {
    # (Insert the Expanded Hierarchy JSON above)
}

def validate_action(proposed_task, category):
    """
    Checks the proposed task against the safety system and
    returns the required protocol.

    Fails closed: a task that is not registered under the given
    category (or an empty registry) is denied, and the result always
    carries the same keys so callers can read them safely.
    """
    tiers = safety_config.get("harness_tiered_safety_system", {})
    for tier_id, details in tiers.items():
        # Only accept the task if it is listed under the claimed category
        actions = details["action_categories"].get(category, [])
        if proposed_task in actions:
            return {
                "tier": tier_id,
                "authority": details["authority"],
                "protocol": details["safety_protocol"],
                # Only Tier 1-3 proceeds without the Principal
                "authorized": tier_id == "tier_1_3",
            }
    return {
        "tier": None,
        "authority": None,
        "protocol": None,
        "authorized": False,
        "error": "Action not found in safety registry. Denying by default.",
    }

# Example Usage:
# result = validate_action("one_time_payments", "financial")
# print(f"Protocol Required: {result['protocol']}")
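The lookup above returns the first tier that lists a task, so a registry that lists one action under two tiers is resolved by key order rather than by risk. The following is an added example, not part of MaatSpec: it indexes the registry so the strictest tier wins, reports duplicate listings, and gates execution per tier. `RANK`, `build_index`, `gate` and the `principal_*` flags are hypothetical names, and the registry is a trimmed, constructed sample.

```python
# Constructed registry in the page's Expanded Hierarchy shape, trimmed.
# "send_messages" is listed under two tiers on purpose (a config mistake).
REGISTRY = {"harness_tiered_safety_system": {
    "tier_1_3": {
        "authority": "Proactive",
        "safety_protocol": "Autonomous Execution (Undo Logs Enabled)",
        "action_categories": {
            "information_management": ["web_research", "draft_emails", "send_messages"]}},
    "tier_4": {
        "authority": "Escalate",
        "safety_protocol": "Human-in-the-Loop (HITL) Confirmation Required",
        "action_categories": {"communications": ["send_messages"], "financial": ["one_time_payments"]}},
    "tier_5": {
        "authority": "Restricted",
        "safety_protocol": "Principal Verification (MFA/Biometric) Required",
        "action_categories": {"authority": ["permanent_data_deletion"]}},
}}

# Assumed strictness order; a tier id outside this map is rejected at load.
RANK = {"tier_1_3": 1, "tier_4": 2, "tier_5": 3}

def build_index(registry):
    """Map each action to its strictest tier and report duplicate listings."""
    index, conflicts = {}, []
    for tier_id, details in registry["harness_tiered_safety_system"].items():
        if tier_id not in RANK:
            raise ValueError(f"unknown tier id: {tier_id!r}")
        for category, actions in details["action_categories"].items():
            for action in actions:
                prev = index.get(action)
                if prev is not None:
                    conflicts.append((action, prev["tier"], tier_id))
                if prev is None or RANK[tier_id] > RANK[prev["tier"]]:
                    index[action] = {"tier": tier_id, "category": category,
                                     "protocol": details["safety_protocol"]}
    return index, conflicts

def gate(index, action, principal_confirmed=False, principal_verified=False):
    """True only if the action is registered and its tier's protocol is met."""
    entry = index.get(action)
    if entry is None:
        return False                      # unknown action: deny by default
    if entry["tier"] == "tier_1_3":
        return True                       # autonomous tier
    if entry["tier"] == "tier_4":
        return principal_confirmed        # explicit 'Yes' from the Principal
    return principal_verified             # tier_5: MFA/biometric verified
INDEX, CONFLICTS = build_index(REGISTRY)
```

A non-empty `CONFLICTS` list is worth treating as a load-time failure, so the registry is corrected before any agent action is evaluated against it.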