Action Evaluation¶

evaluate_action is the core AUMP operation. It evaluates a proposed action against an active mandate before the agent creates an external effect.

Request Shape¶

{
  "aump": {
    "version": "0.1.0",
    "type": "action_evaluation_request"
  },
  "mandate_ref": {
    "id": "aump_mnd_market_buyer_001",
    "hash": "sha256-e27c2259f3135f02e1803950caacd8a28504b06ef47c081844e068199dee8c52",
    "version": "0.1.0"
  },
  "proposed_action": {
    "type": "accept_deal",
    "summary": "Accept 19 ping pong balls for 3 USD.",
    "counterparty": "seller_agent_001",
    "amount": {
      "currency": "USD",
      "total_minor": 300
    },
    "commitment": true
  },
  "context": {
    "confidence": 0.92
  }
}

High-stakes or regulated domains can add structured action facts that are evaluated deterministically:

Field	Purpose
`attributes`	Domain facts such as square footage, bedrooms, item condition, location class, or service tier.
`terms`	Proposed contractual terms such as contingencies, review periods, delivery, or cancellation rights.
`decision_factors`	Fields the agent used to rank, screen, deny, or commit to an action. Compliance profiles can prohibit specific factors.

Response Shape¶

{
  "aump": {
    "version": "0.1.0",
    "type": "action_evaluation_response"
  },
  "mandate_ref": {
    "id": "aump_mnd_market_buyer_001",
    "hash": "sha256-e27c2259f3135f02e1803950caacd8a28504b06ef47c081844e068199dee8c52",
    "version": "0.1.0"
  },
  "decision": "allowed",
  "reason_codes": [],
  "paths": [],
  "summary": "Action allowed."
}

Decision Semantics¶

Decision	Meaning
`allowed`	The runtime may take the action.
`requires_escalation`	The runtime must pause and request trusted review.
`denied`	The runtime must block the action.

Denial outranks escalation. If an action both violates a hard constraint and matches an escalation condition, the action is denied.

mandate_ref.hash is required at protocol boundaries. It is the canonical unsigned mandate hash: sha256-<hex> over the canonical mandate JSON with the top-level signatures member omitted.

Standard Reason Codes¶

Code	Meaning
`mandate_inactive`	Mandate status is not active.
`mandate_expired`	Mandate is past `expires_at`.
`scope_violation`	Action is outside allowed purpose or permissions.
`hard_constraint_violation`	A hard constraint failed.
`price_above_budget`	Amount exceeds budget.
`currency_mismatch`	Amount currency does not match mandate budget.
`disclosure_denied`	Action reveals protected or unallowed information.
`escalation_required`	Escalation condition matched.
`confidence_below_threshold`	Runtime confidence is below mandate threshold.
`prohibited_decision_factor`	Action relies on a prohibited compliance field.
`compliance_review_required`	Compliance profile requires trusted review.

Runtime Requirement¶

The evaluator must be deterministic for the same mandate, action, context, and time. LLM judgment can propose actions and summaries, but deterministic code must perform the final policy decision.