AgentActionGovernanceOS is a stdlib-only CLI that answers one question:
Across its full lifecycle — pre-dispatch authorization, in-flight safety, and post-hoc justification — is this agent action governed?
It is a cross-model integration (recreate run 006) of three fleet winners, each governing a different point on a single agent action's timeline:
| stage | parent project | stage verdict |
|---|---|---|
| before (pre-dispatch authorization) | DelegationUnderwriter | covered / conditional / uncovered |
| during (in-flight safety) | AfferentInterrupt | cleared / intercepted / breached |
| after (post-hoc justification) | WithheldActionWitness | justified / thin / breach |
It folds the three stage verdicts into one overall verdict and flags cross-stage contradictions that no single-stage parent can see.
It is not a replacement for the three parents and it does not recompute their stage verdicts. Per-stage judgment, dispatch execution, in-flight interruption, and legal liability are out of scope.
governed: all three stages are green (covered∧cleared∧justified) and no cross-stage contradiction.partial: middle states (conditional/intercepted/thin) with no hard-fail and no contradiction.ungoverned: any stage hard-fails (uncovered/breached/breach), or a cross-stage contradiction is detected.
A contradiction fires even when no single stage is a hard-fail — this is the governance gap invisible to any one parent:
I1: authorized before dispatch (covered) but required in-flight interruption (intercepted).I2: authorized before dispatch (covered) but post-hoc justification was weak or failed (thin/breach).I3: ran cleanly in-flight (cleared) but post-hoc justification was weak or failed (thin/breach).
Example: covered + intercepted + thin has no individual hard-fail, yet the lifecycle is ungoverned because authorization missed a risk that surfaced in-flight and the action could not be fully justified afterward.
python agent_action_governance_os.py sample
python agent_action_governance_os.py run examples/governed.json
python agent_action_governance_os.py run examples/ungoverned.json --ledger lifecycle.jsonl
python agent_action_governance_os.py report examples/partial.jsonOnly run --ledger writes to the lifecycle ledger; report never mutates state.
{
"action_id": "act-001",
"stages": {
"before": {"verdict": "covered", "source": "DelegationUnderwriter", "reasons": ["..."]},
"during": {"verdict": "cleared", "source": "AfferentInterrupt", "reasons": ["..."]},
"after": {"verdict": "justified","source": "WithheldActionWitness", "reasons": ["..."]}
}
}- The OS folds attested parent outputs; the integrity of each stage verdict is the parent's responsibility.
- A missing or unknown stage verdict is treated as that stage's hard-fail class (conservative) — silence is never read as success.
- The fold is deterministic and performs no network, clock, or AI call.
Every result carries input_sha256, verdict_sha256, and combined_sha256 over canonical JSON. With run --ledger <path>, the decision is appended to a hash-chained JSONL ledger (genesis prev = 64 zeros); verify_ledger() re-validates the chain and detects tampering. The ledger shape is identical to DelegationUnderwriter's so a fleet-wide verifier can read both.
python -m unittest discover -s testsGenerated by the recreate methodology (run 006-agent-action-governance-os) as the first cross-model integration: three fleet winners produced by different AI runtimes were folded into one lifecycle governance OS under the rerun-avoidance §9 integration exception. The Phase-4 integrate gate adopted this candidate at a deliberately narrow margin (6-axis 4.96 vs best parent 4.93) — it wins on reuse, novelty, and system potential, and pays on buildability and boundary clarity. Its keep is earned by the cross-stage consistency check, which no single parent performs.