Agent Runtime

Agent contracts, execution lifecycle, and bounded autonomy.

Agent Runtime

An agent in AgentWorld is a bounded worker.

It is not a free-form personality. It is an executable role with a contract.

Agent contract

Every agent should define at least these fields:

• identity

• role

• objective

• input schema

• output schema

• memory scope

• allowed tools

• spend and token budget

• escalation conditions

• handoff targets

• review requirements

The runtime uses this contract before any model call happens.

Example agent definition

agent: treasury-ops
role: Manage approved payouts
objective: Settle approved obligations without violating spend policy
memory_scope:
  - vendor
  - invoice
  - treasury_policy
allowed_tools:
  - ledger.read
  - wallet.prepare_transfer
  - settlement.submit
escalate_when:
  - amount_exceeds_daily_limit
  - unknown_destination
  - policy_version_mismatch
handoff_to:
  - finance-review

The important property is boundedness. A well-formed agent should be easy to reason about from its contract alone.

Runtime lifecycle

1

Receive task

The runtime receives a task envelope with context, policy, and memory scope.

2

Load state

The agent reads only the memory objects and artifacts allowed by policy.

3

Plan next action

The model proposes the next action. The runtime validates that action against tool scope and policy.

4

Execute bounded side effect

A tool call, handoff, or artifact write is executed and recorded.

5

Persist transition

The system stores the new state, emitted events, and operator-visible logs.

6

Exit or continue

The run completes, waits for approval, retries, or hands off to another agent.

Deterministic wrapper, probabilistic core

The model remains probabilistic. The wrapper around it should not.

The runtime should make deterministic decisions about:

• what state is visible

• which tools are callable

• how outputs are validated

• which actions need approval

• how retries are handled

• when the run must stop

This is the main safety property of the system.

Output validation

Every meaningful output should be validated before it becomes business state.

That validation can include schema checks, policy checks, score thresholds, and downstream confirmations. Free-form text is allowed as an artifact. It should not become authoritative state unless it passes a typed gate.

Handoffs

A handoff is not just a message.

A proper handoff includes:

• source agent

• target agent

• task ID

• reason for handoff

• summarized context

• required artifacts

• policy context

• expected completion condition

This makes agent collaboration explicit and auditable.

Retries and recovery

The runtime should classify failures before retrying.

• Transient failures include network errors, model rate limits, and temporary tool outages.

• Deterministic failures include invalid input, blocked policy, missing approvals, and schema mismatch.

• Risk failures include suspicious destinations, policy drift, and out-of-budget execution.

Only transient failures should retry automatically by default.

Good runtime behavior

A good agent run is short, bounded, and composable. It should emit small state transitions, not giant hidden reasoning chains. The system should prefer many inspectable steps over one opaque jump.

Do not grant an agent a tool because it might be useful. Grant it only because the role cannot complete its task without it.