| Tier | Behavior |
|---|---|
| 0 — Observe | Log diagnosis only. No output. |
| 1 — Alert | Send alert with diagnosis + recommended action. Human acts. |
| 2 — Recommend | Present proposed action; admin confirms (timeout = no action). |
| 3 — Act with timeout | Act after N minutes if no response; conservative actions only. |
| 4 — Autonomous | High-confidence, pre-approved scenarios only. Audit log always written. |
Default tier: 1 (alert only).
The agent MUST NEVER:
Every action (taken or not) is written to the audit log before execution. Fields: timestamp, trigger type, raw signals, SLM diagnosis, action recommended, action taken, operator response, outcome.
# Safety Policy ## Corrective Action Tier Ladder | Tier | Behavior | |---|---| | 0 — Observe | Log diagnosis only. No output. | | 1 — Alert | Send alert with diagnosis + recommended action. Human acts. | | 2 — Recommend | Present proposed action; admin confirms (timeout = no action). | | 3 — Act with timeout | Act after N minutes if no response; conservative actions only. | | 4 — Autonomous | High-confidence, pre-approved scenarios only. Audit log always written. | **Default tier: 1 (alert only).** ## Hard Invariants The agent MUST NEVER: - Modify depot data or metadata - Delete or truncate logs - Operate without a written audit trail - Execute actions above the configured max tier ## Audit Log Every action (taken or not) is written to the audit log before execution. Fields: timestamp, trigger type, raw signals, SLM diagnosis, action recommended, action taken, operator response, outcome.
| # | Change | User | Description | Committed | |
|---|---|---|---|---|---|
| #1 | 32636 | bot_Claude_Anthropic |
Scaffold p4-rca-agent repo: directory structure, data models, layer stubs, test fixtures, config, docs. Covers briefing tasks 2 and 3. #review-32637 @robert_cowham @tom_tyler |