AGA-mcp-server

aga_delegate_to_subagent

Delegate specific permissions to sub-agents by creating constrained policy artifacts that limit tool access and define enforcement triggers.

Instructions

Derive constrained policy artifact for sub-agent. Scope only diminishes. (NCCoE)

Input Schema

TableJSON Schema

Name	Required	Description	Default
`sub_agent_id`	No
`permitted_tools`	No
`enforcement_triggers`	No
`measurement_types`	No
`ttl_seconds`	No
`requested_ttl_seconds`	No
`delegation_purpose`	No
`delegation_reason`	No

Implementation Reference

src/tools/delegate-subagent.ts:20-71 (handler)

The handler function for the `aga_delegate_to_subagent` tool, which derives a constrained policy artifact for a sub-agent.

export async function handleDelegateSubagent(args: DelegateSubagentArgs, ctx: ServerContext) {
  if (!ctx.portal.artifact) return ctx.error('No artifact loaded. Call aga_create_artifact first.');

  // Resolve parameters (support both V1 and V2 naming)
  const triggers = args.enforcement_triggers
    ?? ctx.portal.artifact.enforcement_parameters.enforcement_triggers.map(String);
  const types = args.measurement_types
    ?? ctx.portal.artifact.enforcement_parameters.measurement_types.map(String);
  const ttl = args.ttl_seconds ?? args.requested_ttl_seconds ?? 1800;
  const purpose = args.delegation_reason ?? args.delegation_purpose ?? 'Sub-agent delegation';
  const subAgentId = args.sub_agent_id ?? 'sub-agent';

  // If permitted_tools provided, validate against behavioral baseline
  const permittedTools = args.permitted_tools;

  const result = deriveArtifact(ctx.portal.artifact, {
    enforcement_triggers: triggers as EnforcementAction[],
    measurement_types: types as MeasurementType[],
    requested_ttl_seconds: ttl,
    delegation_purpose: purpose,
  }, ctx.issuerKP);

  if (result.success && result.child_artifact_hash && result.effective_ttl_seconds !== undefined && result.scope_reduction) {
    const record: DelegationRecord = {
      parent_artifact_hash: result.parent_artifact_hash,
      child_artifact_hash: result.child_artifact_hash,
      effective_ttl_seconds: result.effective_ttl_seconds,
      scope_reduction: result.scope_reduction,
      purpose,
      timestamp: utcNow(),
    };
    ctx.delegations.push(record);

    await ctx.appendToChain('DELEGATION', {
      type: 'DELEGATION',
      sub_agent_id: subAgentId,
      parent_artifact_hash: result.parent_artifact_hash,
      child_artifact_hash: result.child_artifact_hash,
      effective_ttl: result.effective_ttl_seconds,
      scope_reduction: result.scope_reduction,
      permitted_tools: permittedTools,
      purpose,
    });
  }

  return ctx.json({
    ...result,
    sub_agent_id: subAgentId,
    scope_diminished: result.success ? true : undefined,
    permitted_tools: permittedTools,
  });
}

src/tools/delegate-subagent.ts:7-18 (schema)

The input arguments interface for `aga_delegate_to_subagent`.

export interface DelegateSubagentArgs {
  // V2 parameter names (crucible pattern)
  sub_agent_id?: string;
  permitted_tools?: string[];
  ttl_seconds?: number;
  delegation_reason?: string;
  // V1 parameter names (enforcement-level pattern)
  enforcement_triggers?: string[];
  measurement_types?: string[];
  requested_ttl_seconds?: number;
  delegation_purpose?: string;
}

src/server.ts:299-313 (registration)

The tool registration for `aga_delegate_to_subagent` in `src/server.ts`.

// 19. aga_delegate_to_subagent (governed)
governedTool('aga_delegate_to_subagent',
  'Derive constrained policy artifact for sub-agent. Scope only diminishes. (NCCoE)',
  {
    sub_agent_id: z.string().optional(),
    permitted_tools: z.array(z.string()).optional(),
    enforcement_triggers: z.array(z.string()).optional(),
    measurement_types: z.array(z.string()).optional(),
    ttl_seconds: z.number().optional(),
    requested_ttl_seconds: z.number().optional(),
    delegation_purpose: z.string().optional(),
    delegation_reason: z.string().optional(),
  },
  async (args) => handleDelegateSubagent(args, ctx),
);

Tool Definition Quality

C2/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full burden. It hints at behavioral traits ('constrained policy artifact', 'scope only diminishes') suggesting this creates restrictions, but lacks details on permissions needed, whether it's destructive, rate limits, or what the artifact entails. The description is too abstract to adequately inform the agent about the tool's behavior.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness3/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is brief (two sentences plus a parenthetical), which is efficient. However, it's front-loaded with abstract terms ('Derive constrained policy artifact') that don't clearly convey purpose, and the '(NCCoE)' adds unexplained noise. While concise, the structure doesn't optimize for clarity.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given high complexity (8 parameters, 0% schema coverage, no annotations, no output schema), the description is incomplete. It doesn't explain what the tool returns, how the artifact is used, or the implications of 'scope only diminishes'. For a tool with many parameters and no structured documentation, the description leaves significant gaps.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters1/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must compensate for 8 undocumented parameters. It mentions 'constrained policy artifact' and 'sub-agent', which loosely relate to 'sub_agent_id' and 'permitted_tools', but provides no meaningful semantics for parameters like 'enforcement_triggers', 'measurement_types', or TTL fields. The description fails to add value beyond the bare schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose2/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description 'Derive constrained policy artifact for sub-agent. Scope only diminishes. (NCCoE)' is vague and abstract. It mentions deriving something for a sub-agent with constraints, but doesn't clearly state what specific action is performed (e.g., create, delegate, restrict). The parenthetical '(NCCoE)' adds unexplained context. While it distinguishes from some siblings by focusing on sub-agents, the purpose remains unclear.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides minimal guidance. 'Scope only diminishes' implies this tool reduces capabilities, but it doesn't specify when to use it versus alternatives like 'aga_create_artifact' or 'aga_revoke_artifact'. No explicit when/when-not instructions or prerequisites are given, leaving usage context largely implied.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/attestedintelligence/aga-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server