AI research-agent deep dive / PG-015

One Bounded AgentJob In Practice

An AgentJob is a permission envelope for one auditable transaction. It names the objective, inputs, allowed paths, forbidden classes, validators, expected outputs, completion record, and handoff boundary.

Inspect the exampleWorkflow context
Bounded AgentJob permission envelopeOne central job envelope receives input, separates allowed and forbidden surfaces, runs validators, and closes with completion and a separate handoff.
Visual orientation only: the AgentJob narrows authority for one transaction and does not create reusable permission.

Static comprehension diagram

Read the job as an envelope, not an answer machine.

The diagram is a static reader aid generated from the dossier Mermaid source. It does not replace the committed AgentJob, completion, handoff, or registry records.

One AgentJob envelope showing inputs, allowed reads, allowed writes, forbidden classes, validators, expected outputs, completion, handoff, and bounded PASS.
One AgentJob is an auditable permission envelope, not reusable authority or scientific proof.

Concrete committed example

AJ-RT-20260614-249-001 shows one bounded job.

This example is source-approved and committed. It is shown as an operations pattern, not as proof of the physics topic it worked near.

AgentJobAJ-RT-20260614-249-001
TaskRT-20260614-249
DecisionDDR-20260614-249
Roletheoretical-continuation-selector@0.1.0
CompletionAJC-AJ-RT-20260614-249-001
Handoffhandoff-0282

AgentJob surfaces

The job states what is allowed, required, and forbidden.

A bounded job is useful because it is inspectable at transaction scale. The same record names what may be read, what may be written, what must be produced, and what must remain outside scope.

Objective

One transaction

Classify the post-Gate route and select exactly one next bounded packet while preserving adoption and downstream-claim blocks.

An objective is not broad permission to settle the topic.

Allowed reads

Evidence surface

The job names prior tasks, handoffs, artifacts, roles, schemas, ledgers, and registries that may be inspected.

Read access does not adopt every possible claim in a source.

Allowed writes

Change surface

The write list is limited to the task directory, selected control state, handoff records, and specific registries.

Anything outside the allowlist is out of scope.

Forbidden classes

Stop conditions

The job forbids ontology writes, source-law adoption, target imports, role authority, validation authority, and downstream promotion.

A forbidden class needs a new route, stop, or human gate.

Validators

Receipt evidence

Memory, project-control, research-control, generated-derivative, diff, and hygiene checks are named before completion.

PASS is operational evidence, not theorem proof.

Expected outputs

Closeout obligations

The job lists child outputs, a fused artifact, completion YAML, and handoff files that the completion must account for.

Output existence is not claim adoption.

Closeout chain

Completion and handoff close this job rather than widening it.

The completion records what happened. The handoff recommends what may happen next. Neither one turns the past AgentJob into live authority for another task.

Completion

Command results and verdict

The completion records output paths, command evidence, validation status, verdict, uncertainty, and next recommendation.

Handoff

Separate next packet

The handoff recommends one future criteria-formalization packet and repeats the claims that remain blocked.

Registry

Discovery and checkability

The AgentJob registry links the job to the task, decision, completion path, status, timestamps, and concise summary.

Boundaries

One job is intentionally small.

Small scope is the control mechanism. It prevents a workflow receipt from becoming broad project truth, reusable permission, or physics promotion.

Permission

not reusable authority

A historical AgentJob does not grant future write permission.

Truth

not broad project truth

One transaction can record what it did; it cannot settle the whole project.

Validation

not proof by PASS

Validators can accept a checked state without proving physics.

Output

not adoption by existence

An expected output can exist as evidence without becoming an adopted claim.

Privacy

no private local details

The page uses repo-relative committed paths and avoids local runtime context.

Handoff

not current-job extension

The next packet requires its own decision and job.

Safe and unsafe summaries

Safe summary also names the unsafe one.

The RT-249 AgentJob preserved no coupling-law adoption, no matter-coupling derivation or adoption, no MetricData(E), no g_eff, no Einstein equations, no benchmark promotion, and no completed derivation.

Safe summary

One bounded AgentJob makes one transaction auditable.

The job names its objective, inputs, allowed paths, forbidden classes, validators, expected outputs, completion record, and handoff boundary.

Unsafe summary

One AgentJob settles broad project truth.

It would be unsafe to treat one job as reusable permission, theorem proof, benchmark promotion, or adoption of expected outputs.

Reader path

Internal routes give the reading path. Source links remain provenance for readers who want to inspect committed records directly.

Research-agent workflowSee the full request-to-decision-to-job-to-handoff record chain.Roles and skillsRead why a role template is not current task authority by itself.Memory and registriesRead how retrieval and registry rows support source inspection.Director and AgentJob lifecycleInspect how AgentJobs fit with decisions, completions, and handoffs.Validator and operator workflowRead why PASS is bounded operational evidence.Source authorityReview why source files remain authoritative over reader surfaces.

Source authority