A new approach to AI agent authorization is being developed, focusing on the execution of real actions rather than planning, memory, or tool use. The goal of OxDeAI is to create a deterministic authorization boundary between the agent runtime and the external world, preventing common issues such as runaway API usage, recursive tool loops, and overspending.
The OxDeAI system works by having the agent propose an action as a structured intent, which is then evaluated by a policy engine against a deterministic state snapshot. If the action is allowed, a signed authorization is emitted, and only then can the action be executed.
The design principles of OxDeAI include deterministic evaluation, fail-closed behavior, replay resistance, bounded budgets, bounded concurrency, and auditable authorization decisions. This approach aims to make external side effects bounded before execution, rather than relying on making the model smarter.
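The intent, evaluation, signed authorization and execution flow described above, together with the listed principles, as an added Python example that is not OxDeAI's own code. The function names, intent and state fields, HMAC-based signature and sample values are all assumptions made for illustration.

```python
import hashlib, hmac, json

KEY = b"constructed-demo-key"  # assumption: HMAC stands in for the signature scheme

def canonical(obj) -> bytes:
    # Stable serialization so identical inputs always hash and sign identically.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def authorize(intent, state):
    """Pure function of (intent, state snapshot) -> (token or None, next_state, reason)."""
    try:
        tool, nonce, cost = intent["tool"], intent["nonce"], intent["cost"]
        ok = isinstance(tool, str) and isinstance(nonce, str) and type(cost) is int and cost >= 0
        canonical(intent)
    except (KeyError, TypeError, ValueError):
        ok = False
    if not ok:
        return None, state, "malformed intent"  # fail closed on anything unparseable
    if tool not in state["allowed_tools"]:
        return None, state, "tool not allowed"
    if nonce in state["seen_nonces"]:
        return None, state, "replayed intent"
    if cost > state["budget_left"]:
        return None, state, "budget exceeded"
    if state["in_flight"] >= state["max_in_flight"]:
        return None, state, "concurrency limit"
    next_state = dict(state, budget_left=state["budget_left"] - cost,
                      in_flight=state["in_flight"] + 1,
                      seen_nonces=sorted(state["seen_nonces"] + [nonce]))
    # Binding the decision to the snapshot hash makes it auditable after the fact.
    body = {"intent": intent, "state_hash": hashlib.sha256(canonical(state)).hexdigest()}
    sig = hmac.new(KEY, canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}, next_state, "allowed"

def execute(token, action, consumed):
    """Executor side: run the action only under a valid, unused authorization."""
    body, sig = (token or {}).get("body"), (token or {}).get("sig")
    if not body or not isinstance(sig, str):
        raise PermissionError("no authorization")
    expected = hmac.new(KEY, canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):
        raise PermissionError("invalid authorization")
    if sig in consumed:
        raise PermissionError("authorization already used")
    consumed.add(sig)
    return action(body["intent"])

# Constructed sample snapshot and intent.
STATE = {"allowed_tools": ["http_get"], "budget_left": 10, "in_flight": 0,
         "max_in_flight": 1, "seen_nonces": []}
INTENT = {"tool": "http_get", "nonce": "n-1", "cost": 4}
```

Every denial returns the input snapshot unchanged, so a rejected intent cannot consume budget or a concurrency slot.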
Those interested in learning more about the implementation can visit the OxDeAI repository. The development team is also seeking feedback from others in the field, asking how they approach authorization and whether they rely on sandboxing, monitoring, policy engines, or other methods.
