Architecture model
The Rights And Control Model
The framework treats agents as operating risks of their own: they have purpose boundaries, identities, tools, data access and action impact that must be documented and approved separately.
The agent has a narrow purpose and cannot use tools outside that purpose.
User, service and business identity, OAuth/Graph scopes and data classes are separated.
Actions are tiered by impact, validated, logged, approved and disabled when needed.
