Principle I: Acceptable Agency
Source:
.specify/memory/constitution.md
Overview
Acceptable Agency ensures that AI agents operate within defined boundaries while maintaining human oversight for critical operations. Agents can autonomously perform read operations, file editing, and test execution, but operations that affect version control, production systems, or incur costs require explicit human approval.
Key Requirements
| Rule | Description |
|---|---|
| Scope Boundaries | Every agent has clearly defined autonomous vs. human-approved actions |
| Human Oversight | Critical operations (commits, deployments, cost changes) require HITL approval |
| Traceability | All agent reasoning chains are logged and auditable |
| Kill-Switches | Every agent can be disabled independently via configuration |
| Escalation Paths | Clear procedures when agents encounter situations beyond their authority |
Enforcement Implementation
Acceptable Agency is enforced through multiple hooks and the permission deny list working together.
Blocked Operations (Agents Document, Humans Commit)
The validate-bash.sh hook blocks all git mutation operations, IaC mutations, destructive commands, and publishing actions. When blocked, the correct action is to hand off to the HITL manager -- never to find an alternative API or workaround.
| Category | Blocked Commands |
|---|---|
| Git mutations | add, commit, push, merge, rebase, reset, revert, checkout, stash, cherry-pick, tag |
| IaC mutations | terraform apply/destroy/import/taint, terraform state rm/mv, cdk deploy/destroy |
| Destructive | rm -rf, sudo, chmod 777, mkfs, dd |
| Publishing | npm publish, docker push |
| GitHub API backdoor | gh api repos/.../git/blobs/trees/commits/refs |
Permission Deny List
The settings.json deny list (30 entries) provides a second layer of blocking at the Claude Code runtime level, covering the same categories plus sensitive file reads (.env, .pem, .key, credentials, kubeconfig).
Coordination Gate
Every code change and agent dispatch requires product-owner + cloud-architect coordination logs with >= 95% agreement (enforce-coordination.sh). There is no ADLC_AUTONOMOUS_MODE escape hatch.
See Hook Enforcement Reference for the complete enforcement chain and Permissions Reference for the full deny list.
Related Agents
- product-owner — Embodies Acceptable Agency as the first coordination gate
- All agents — Every agent defines authority boundaries per this principle