Agent Society Handbook Epic

User Journey

The Agent Society bounded context enables hybrid human-AI teams with governed agent orchestration through SEA™ Forge. It provides authority rules (SDS-031 RBAC/RACI/SoD), agent configuration (SDS-040 Prompt Management DSL), A2A protocol for agent interoperability, Semantic Kernel integration, and governance (HITL, audit trails, break-glass) to orchestrate AI agents safely and effectively.

Jobs to be Done & EARS Requirements

Job: Configure Agent Authority Rules

User Story: As a governance administrator, I want to define RBAC, RACI, and Separation of Duties rules for AI agents, so that agents operate within approved authority boundaries.

EARS Requirement:

• While configuring agent society, when an authority rule is defined via SDS-031, the agent society context shall:
  1. Accept role definitions (R-DS Domain Steward, R-AG Architecture Governor, R-SO Security Officer, R-RM Release Manager, R-DEV Developer, R-AA Automated Agent)
  2. Enforce RACI matrix for agent responsibilities (Responsible, Accountable, Consulted, Informed)
  3. Apply Separation of Duties constraints to prevent conflicting authority assignments
  4. Validate agent permissions against defined roles before execution
  5. Log all authority checks for audit trail
  6. Block operations exceeding agent authority level

Job: Configure Agent Prompts and Skills

User Story: As an agent developer, I want to configure agent prompts using SDS-040 Prompt Management DSL, so that agents have well-defined behavior and capabilities.

EARS Requirement:

• While configuring agents, when an agent configuration is created via SDS-040, the agent society context shall:
  1. Accept prompt template definitions with system, user, and tool prompts
  2. Configure agent skills with input/output schemas
  3. Set model parameters (temperature, max tokens, top-p)
  4. Define tool access permissions via MCP protocol
  5. Validate prompt syntax and schema completeness
  6. Store prompts in version-controlled configuration
  7. Enable prompt hot-reload without agent restart

Job: Enable Agent-to-Agent Communication

User Story: As a system architect, I want agents to communicate via A2A protocol, so that agents can collaborate on complex tasks.

EARS Requirement:

• While agents are operational, when an agent initiates A2A communication, the agent society context shall:
  1. Validate sender agent has permission to communicate with recipient agent
  2. Route messages through A2A protocol with proper headers (from-agent, to-agent, message-id, correlation-id)
  3. Enforce message format standards (JSON with type, payload, timestamp)
  4. Apply rate limiting per agent to prevent flooding
  5. Log all A2A messages for audit trail
  6. Handle failed delivery with retry logic and dead letter queue

Job: Integrate Semantic Kernel Plugins

User Story: As an agent developer, I want to extend agents with Semantic Kernel plugins, so that agents can access external tools and memory.

EARS Requirement:

• While configuring agent skills, when a Semantic Kernel plugin is registered, the agent society context shall:
  1. Accept plugin registration with function definitions and schemas
  2. Load plugins into agent’s Semantic Kernel instance
  3. Configure plugin filters (pre-processing, post-processing)
  4. Enable semantic memory integration with vector store backing
  5. Register planners (sequential, stepwise, action)
  6. Validate plugin function signatures against skill schemas
  7. Handle plugin execution errors gracefully with fallback behavior

Job: Enforce Human-in-the-Loop Governance

User Story: As a compliance officer, I want critical agent actions to require human approval, so that agents cannot autonomously perform high-impact operations.

EARS Requirement:

• While agents are executing, when a HITL-gated action is triggered, the agent society context shall:
  1. Identify actions requiring human approval based on policy rules
  2. Suspend agent execution pending approval
  3. Route approval request to designated human authority (R-SO Security Officer)
  4. Include action context (agent, task, parameters, risk assessment) in approval request
  5. Resume execution only upon explicit human approval
  6. Log all HITL events with decision rationale
  7. Support break-glass override for emergency situations with elevated approval

Job: Execute Specialist Agent Patterns

User Story: As a workflow designer, I want to configure specialist agents (PM Agent, Reviewer Agent, Domain Specialist), so that agents handle specific tasks optimally.

EARS Requirement:

• While configuring agent society, when a specialist agent pattern is instantiated, the agent society context shall:
  1. Load agent configuration from pattern template (pm_agent, reviewer_agent, specialist_agent, hybrid_team)
  2. Configure agent-specific prompts and skill sets
  3. Set tool access permissions matching agent role
  4. Establish communication channels for agent collaboration
  5. Define escalation paths for agent failures
  6. Enable metrics collection for agent performance

Job: Monitor and Audit Agent Activity

User Story: As a security officer, I want comprehensive audit trails of all agent actions, so that I can investigate incidents and ensure compliance.

EARS Requirement:

• While agents are operational, when any agent action occurs, the agent society context shall:
  1. Record action timestamp, agent ID, action type, and parameters
  2. Capture action outcome (success, failure, error details)
  3. Log authority rule checks and decisions
  4. Store HITL approvals with approver identity and rationale
  5. Record A2A communications with message content
  6. Maintain tamper-evident audit log using cryptographic chaining
  7. Provide query interface for audit investigation (time range, agent, action type)

Domain Entities Summary

Root Aggregates

• AgentConfiguration: Represents an agent’s definition with prompts, skills, model parameters, and tool permissions (SDS-040)
• AuthorityRule: Defines RBAC, RACI, and Separation of Duties constraints (SDS-031)
• AgentSession: Represents an active agent interaction with message history and state
• AuditLogEntry: Tamper-evident record of agent actions for compliance

Value Objects

• PromptTemplate: System, user, and tool prompt definitions with variable substitution
• SkillDefinition: Agent capability with input schema, output schema, and execution logic
• A2AMessage: Agent-to-Agent communication protocol message with headers and payload
• HITLApproval: Human-in-the-loop approval request with context and decision

Policy Rules

• AuthorityBoundary: Agents cannot execute actions beyond their assigned role permissions
• HITLCriticalActions: High-impact operations require explicit human approval
• A2AAuthorized: Agent-to-Agent communication requires mutual permission
• AuditImmutable: All agent actions must be logged in tamper-evident storage

Integration Points

• MCP (Model Context Protocol): Agent ↔ Tool integration for capability discovery
• A2A Protocol: Agent ↔ Agent communication for collaboration
• Semantic Kernel: Internal orchestration with plugins, filters, memory, and planners
• Policy Gateway: Enforces governance policies on agent actions
• Knowledge Graph: Provides semantic context for agent decision-making
• Evidence Service: Maintains audit trails for compliance reporting

Success Metrics

• Agent Authority Compliance: 100% of actions stay within role boundaries
• HITL Response Time: < 5 min for routine, < 30 min for critical, < 2 hrs for exceptional
• A2A Message Success Rate: > 99.5% successful delivery
• Audit Trail Completeness: 100% of agent actions logged