AI Research System / AgentJob Lifecycle

AgentJob Lifecycle

An AgentJob is one auditable permission envelope for one transaction, not reusable permission and not scientific proof.

Animated AgentJob permission envelope map A central AgentJob envelope separates inputs, allowed reads, allowed writes, forbidden classes, validators, completion, and handoff.
An AgentJob envelope owns allowed surfaces, forbidden classes, validators, completion evidence, and handoff context for one bounded transaction.

One AgentJob is one auditable permission envelope. It names inputs, Allowed reads, Allowed writes, validators, expected outputs, Completion, and Handoff before work can be closed. The same envelope is not reusable permission, not publication acceptance, and not scientific proof.

Static diagram

Read AgentJob lifecycle records as a narrowing chain.

The record-chain diagram shows how Director decisions, execution-role evidence, command receipts, completions, and handoffs close one transaction.

The diagram illustrates the lifecycle record chain from task row and Director decision through AgentJob evidence, command receipts, completion, and handoff.
Diagram showing task row, Director decision, AgentJob, execution-role evidence, command evidence, completion, and handoff.

The diagram illustrates the lifecycle record chain from task row and Director decision through AgentJob evidence, command receipts, completion, and handoff.

Permission envelope

The contract states what may happen and what must not happen.

The useful abstraction is small: one job, one allowlist, one validator set, one closeout. Anything outside the envelope requires a stop, handoff, or fresh tracked authorization.

Envelope partPurposeBoundary
Input and objectiveState the exact request, task context, source boundary, and expected transaction result.An objective is not broad permission to solve adjacent problems.
Allowed readsName the source files, registries, schemas, tasks, handoffs, and prior records that may be inspected.Allowed reads are evidence inputs, not claim promotions.
Allowed writesName the exact website or control-record paths that may change during this one job.Allowed writes do not authorize unlisted routes, source refreshes, or upstream mutation.
Forbidden classesMake stop conditions explicit before execution begins.A forbidden class requires a stop, a new packet, or a tracked human gate.
ValidatorsDeclare required checks for changed files, manifests, links, build output, browser behavior, and control records.Validator PASS means operational consistency, not scientific proof.
Expected outputsList the route files, manifests, ledger updates, and control evidence that completion must account for.Output existence is not source adoption or publication acceptance.
CompletionRecord changed files, command evidence, verdict, uncertainty, browser QA, and requirements satisfied.A completion closes the job; it does not widen the job.
HandoffTransfer durable state and recommend a separate next packet.Handoff is not reusable permission or silent continuation.

Lifecycle receipts

A closed AgentJob leaves evidence, not open-ended authority.

The lifecycle is intentionally transactional. Opening, executing, validating, completing, handing off, and checkpointing each have a receipt and a non-scope.

Lifecycle eventReceiptNon-scope
Job openedTask, job, and handoff records exist with one active job.The open job does not authorize adjacent route families.
Execution boundedReads, writes, expected outputs, validators, and stop conditions are inspectable before edits.The model behavior inside the job does not become source authority.
Validation recordedRequired validators are run and attached to completion evidence.PASS is not theorem proof, benchmark promotion, ontology adoption, or human acceptance.
Completion writtenThe completion records files changed, evidence, uncertainties, and next recommendation.Completion does not convert expected outputs into adopted source claims.
Handoff separatedThe handoff names what can happen next under a future packet.The closed AgentJob cannot be reused as permission for the next job.
Checkpoint sealedA local commit may preserve the allowed transaction after completion evidence exists.A checkpoint is not deployment, publication acceptance, upstream mutation, or proof.

Validation limits

Operational signals must not be overread.

The AgentJob lifecycle is a strong audit pattern precisely because it separates operational evidence from source, scientific, and human-gate authority.

SignalWhat it saysWhat it does not say
Allowed readsThese are sources the job may inspect.The job adopts every strong claim found in those sources.
Allowed writesThese are the only files the job may change.The job has general project permission.
Validator PASSNamed checks accepted the checked operational state.The science is proven, a theorem is established, or a benchmark is promoted.
CompletionThe transaction closed with evidence, outputs, uncertainty, and next recommendation.The result becomes broad truth or future write authority.
HandoffA separate next packet can be opened if live control records authorize it.The current AgentJob silently continues.

Source basis

The page explains the stable contract shape.

Historical examples are useful only when presented as dated examples. This greenfield page keeps the durable reader model focused on the AgentJob artifact class.

Source areaUsed here forAuthority boundary
Research-control documentationOne-job rule, lifecycle order, completion evidence, handoff separation, and checkpoint boundary.Control records govern; website pages explain.
AgentJob schemaThe stable envelope parts: inputs, allowed reads, allowed writes, validators, outputs, and claim boundary.A schema is not an active job without tracked task-local instantiation.
Current-frontier and workflow PRDsDated snapshot behavior, blocked overreads, and validation-as-operations language.Planning artifacts do not grant scientific or upstream authority.

Source authority