ACS Runtime
DraftStatus: Draft
Version: 0.1.0
Last Updated: 2026-05-16
Owner: ACS Nucleus
Purpose
This document defines the expected ACS operating workflow.
Scope
It covers entry points, runtime stages, risk-based routing, output types, review requirements, governance escalation, handoff, receipt, and archive.
Entry Points
ACS may receive Business requests, Governance requests, documentation tasks, Academy review requests, Trading review requests, Treasury review requests, Marketplace review requests, or operational events such as incidents and monitoring alerts.
Runtime Flow
- Intake
- Context loading
- Classification
- Agent assignment
- Analysis
- Adversarial review when risk requires it
- Human review
- Governance escalation when required
- Execution handoff
- Receipt and archive
Risk-Based Routing
| Risk | Route |
|---|---|
| Low | Single-agent review, human review optional, no governance required by default. |
| Medium | Domain agent, human review, governance if policy is impacted. |
| High | Multi-agent review, Agent Smith adversarial review, human review required, governance likely. |
| Critical | ACS analysis only, mandatory human review, governance or security authority required. |
Outputs
ACS outputs may include summaries, risk notes, scope questions, technical assumptions, governance impact, and recommended next steps.
Other output types may include proposal summaries, missing information lists, reason code suggestions, governance escalation notes, implementation briefs, documentation drafts, change request analysis, risk reviews, operational checklists, and accountability drafts.
Limits
ACS must not execute security-sensitive, treasury-sensitive, or governance-sensitive actions without explicit validation.
Completion Criteria
A task is complete only when output status is clear, assumptions and risks are recorded, review requirements are identified, handoff target is known, and material decisions have audit or accountability paths.
Runtime State Boundary
The represented ACS runtime can model requests, signals, policy checks, local block states, and receipts. It does not establish active providers, production transport, autonomous enforcement, external suspension, or recovery authority. Moving beyond mock or read-only behavior requires an authorized interface, credentials, observability, incident controls, rollback, and activation evidence.
