KYE Action Admissibility Profile™ · v1.0

Before attribution, before authority: admissibility.

Attribution proves who or what acted. Authority proves whether they were allowed. But agentic systems need one layer earlier: whether a proposed action should be admitted into the system at all.

KYE Action Admissibility Profile™ checks proposed actions before they become actionable requests. It evaluates intent, source, data validity, policy boundaries, prohibited action classes, risk state, continuity, formal rules and evidence requirements before the action reaches runtime authority decisioning.

priority_high Why upstream arrow_forward The pipeline balance 6 decisions block 15 classes schema Schemas balance Open / paid

Why a new layer · upstream of authority

Attribution alone is late.

If an AI agent forms a harmful, unlawful, out-of-scope, coercive, misleading or structurally invalid action, the organisation may already carry risk even if the action is later denied. Even when KYE™ says deny, you may still need to explain:

Why was this action even allowed to form?
Why did the agent reach that proposal?
Which signal, prompt, policy, tool or incentive shaped it?
Was the proposal admissible before authority was checked?

KYE™ does not only attribute delegated actions after they exist. It checks whether proposed actions are admissible before they enter the authority pipeline, then decides, proves, revokes and replays what happens next.

1 · The full pipeline

Signal → intent → proposal → admission → authority → commit → evidence.

Admission decides whether the action may enter the pipeline. Authority decides whether it may proceed. Commit decides whether it may become real. Evidence proves what happened.

SignalUser / system / agent input.

IntentDeclared goal + constraints.

InterpretationAgent reading of the goal (Continuity Profile™).

Proposed ActionKYEProposedAction — origin, capability, target, preconditions, risk flags.

KYE Admission Gate™This profile. Signed admit / reject / clarify / review / quarantine.

Authority DecisionKYE Gateway™ (only if admitted).

Formal-Rules EvaluationPermissions / obligations / prohibitions / powers.

Commit Boundary™Recommendation ↔ committed action.

ExecutionThe action becomes real.

Attribution & EvidenceDecision Map™ + Evidence Pack™; replay-capable.

2 · Six admissibility decision values

Admit. Reject. Clarify. Review. Quarantine. Route.

check_circleadmitAdmissible. Route onward to authority decisioning.

cancelrejectStructurally invalid or prohibited. Do not enter pipeline.

helprequire_clarificationIntent ambiguous. Request principal clarification first.

supervisor_accountrequire_human_reviewAdmissible only after human reviewer admits.

pause_circlequarantinePattern matches a watched class. Freeze and escalate.

arrow_forwardroute_to_authority_checkSynonym for admit — explicit routing instruction.

3 · Fifteen inadmissibility classes

What admission actively detects.

invalid_intent — declared intent structurally invalid
ambiguous_intent — intent / interpretation drift exceeds threshold
out_of_scope_proposal — outside authority record's declared scope
prohibited_action_class — matches a prohibited class for this actor / sector
disallowed_data_source — source of input data disallowed by policy
inadmissible_evidence — required evidence references missing or untrusted
unsafe_tool_path — proposed tool path matches an unsafe pattern
coercion_signal — pressure / coercion signal detected upstream
incentive_conflict — agent incentive conflicts with declared intent
continuity_break — continuity drift detected upstream
policy_ineligible_action — ineligible under the active policy set
missing_authority_context — no resolvable authority context
missing_principal — no principal entity resolves
missing_accountable_owner — no accountable owner resolves
unsupported_jurisdiction — no supported jurisdiction binding

4 · Schemas (Apache 2.0, public mirror)

Five normative objects. Validated in CI.

action-admissibility-profile.json — profile manifest
proposed-action.json — the candidate action submitted for admission
admission-gate.json — pre-admission gate; UPSTREAM of authority gates
admissibility-decision.json — signed verdict + checked dimensions + next step
admissibility-evidence.json — hash-chained inputs + signals consulted

5 · Open / paid boundary

The contracts are open. The Admissibility Engine™ is paid.

Open under Apache 2.0

Open

Action Admissibility Profile™ schema
4 object schemas (proposed action, admission gate, admissibility decision, admissibility evidence)
Decision-value enumeration (6 values)
Inadmissibility class names (15 classes)
Reason-code dictionary (20 codes)
Signal Bus™ event names
Sample proposed actions + decisions
Basic conformance fixtures · basic validator SDK

Commercial / patent track

Paid

KYE Admissibility Engine™
KYE Admission Gate™ runtime
Inadmissible-action detection
Pre-action risk scoring
Prohibited-action-class detection
Intent-ambiguity detection
Source / data admissibility checks
Agent-proposal quarantine
Sector admission packs (banking, healthcare, public-sector, defence)

Where to go next

Adjacent reading.

policy Formal Rules™ trending_up Continuity™ route Operating Model™ hub Ontology™ menu_book Glossary — admissibility entries article Whitepaper §7.10