Purpose
Make agent-machine the governed local execution substrate for SourceOS agents, tools, containers, local models, and enterprise/user network profiles.
Required operation types
agent_machine.profile.createagent_machine.execution.startagent_machine.execution.cancelagent_machine.tool_grant.applyagent_machine.tool_grant.revokeagent_machine.container.runagent_machine.model_provider.bindagent_machine.diagnostics.export_redacted
Required profiles
- personal profile
- corporate firewall profile
- multi-corporate firewall profile
- local model provider profile
- hosted model provider profile
- airgapped/local-only profile
- user-owned model profile
Required artifacts
AgentMachineProfileLocalAgentExecutionToolGrantRecordContainerExecutionRecordModelProviderBindingAgentMachineDiagnosticBundle
Required controls
- Delegated authority for every local agent action.
- Policy gates for tool grants, model provider use, network profile, container execution, and artifact access.
- Budget dimensions: model calls, tokens, connector calls, CPU/GPU, local disk, sandbox memory, wall-clock runtime, agent concurrency.
- OperationEvents for start/progress/failure/retry/cancel/complete.
- Redacted diagnostics with no credentials, tokens, local secrets, or sensitive prompts.
Integration targets
SocioProphet/agentplane#85SocioProphet/agent-registrySocioProphet/mcp-a2a-zero-trustSocioProphet/model-routerSocioProphet/guardrail-fabricSocioProphet/policy-fabric#46SocioProphet/prophet-core-contracts#1SourceOS-Linux/sourceos-spec#87SociOS-Linux/workstation-contracts#28SourceOS-Linux/sourceos-devtools#19
Acceptance criteria
- Local agent execution is represented as WorkspaceOperation and OperationTask state.
- Tool grants and revocations are auditable operation commands.
- Model provider use is explicit, profile-bound, and policy-gated.
- Enterprise firewall profiles and personal/user-owned model profiles are separate and inspectable.
- Agent-machine never writes durable workspace state outside OperationContract.
Hard rule
Local agent execution must not imply ambient authority. Every action needs delegation, scope, budget, policy profile, and audit.
Purpose
Make
agent-machinethe governed local execution substrate for SourceOS agents, tools, containers, local models, and enterprise/user network profiles.Required operation types
agent_machine.profile.createagent_machine.execution.startagent_machine.execution.cancelagent_machine.tool_grant.applyagent_machine.tool_grant.revokeagent_machine.container.runagent_machine.model_provider.bindagent_machine.diagnostics.export_redactedRequired profiles
Required artifacts
AgentMachineProfileLocalAgentExecutionToolGrantRecordContainerExecutionRecordModelProviderBindingAgentMachineDiagnosticBundleRequired controls
Integration targets
SocioProphet/agentplane#85SocioProphet/agent-registrySocioProphet/mcp-a2a-zero-trustSocioProphet/model-routerSocioProphet/guardrail-fabricSocioProphet/policy-fabric#46SocioProphet/prophet-core-contracts#1SourceOS-Linux/sourceos-spec#87SociOS-Linux/workstation-contracts#28SourceOS-Linux/sourceos-devtools#19Acceptance criteria
Hard rule
Local agent execution must not imply ambient authority. Every action needs delegation, scope, budget, policy profile, and audit.