aga_delegate_to_subagent
Delegate specific permissions to sub-agents by creating constrained policy artifacts that limit tool access and define enforcement triggers.
Instructions
Derive constrained policy artifact for sub-agent. Scope only diminishes. (NCCoE)
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| sub_agent_id | No | ||
| permitted_tools | No | ||
| enforcement_triggers | No | ||
| measurement_types | No | ||
| ttl_seconds | No | ||
| requested_ttl_seconds | No | ||
| delegation_purpose | No | ||
| delegation_reason | No |
Implementation Reference
- src/tools/delegate-subagent.ts:20-71 (handler)The handler function for the `aga_delegate_to_subagent` tool, which derives a constrained policy artifact for a sub-agent.
export async function handleDelegateSubagent(args: DelegateSubagentArgs, ctx: ServerContext) { if (!ctx.portal.artifact) return ctx.error('No artifact loaded. Call aga_create_artifact first.'); // Resolve parameters (support both V1 and V2 naming) const triggers = args.enforcement_triggers ?? ctx.portal.artifact.enforcement_parameters.enforcement_triggers.map(String); const types = args.measurement_types ?? ctx.portal.artifact.enforcement_parameters.measurement_types.map(String); const ttl = args.ttl_seconds ?? args.requested_ttl_seconds ?? 1800; const purpose = args.delegation_reason ?? args.delegation_purpose ?? 'Sub-agent delegation'; const subAgentId = args.sub_agent_id ?? 'sub-agent'; // If permitted_tools provided, validate against behavioral baseline const permittedTools = args.permitted_tools; const result = deriveArtifact(ctx.portal.artifact, { enforcement_triggers: triggers as EnforcementAction[], measurement_types: types as MeasurementType[], requested_ttl_seconds: ttl, delegation_purpose: purpose, }, ctx.issuerKP); if (result.success && result.child_artifact_hash && result.effective_ttl_seconds !== undefined && result.scope_reduction) { const record: DelegationRecord = { parent_artifact_hash: result.parent_artifact_hash, child_artifact_hash: result.child_artifact_hash, effective_ttl_seconds: result.effective_ttl_seconds, scope_reduction: result.scope_reduction, purpose, timestamp: utcNow(), }; ctx.delegations.push(record); await ctx.appendToChain('DELEGATION', { type: 'DELEGATION', sub_agent_id: subAgentId, parent_artifact_hash: result.parent_artifact_hash, child_artifact_hash: result.child_artifact_hash, effective_ttl: result.effective_ttl_seconds, scope_reduction: result.scope_reduction, permitted_tools: permittedTools, purpose, }); } return ctx.json({ ...result, sub_agent_id: subAgentId, scope_diminished: result.success ? true : undefined, permitted_tools: permittedTools, }); } - src/tools/delegate-subagent.ts:7-18 (schema)The input arguments interface for `aga_delegate_to_subagent`.
export interface DelegateSubagentArgs { // V2 parameter names (crucible pattern) sub_agent_id?: string; permitted_tools?: string[]; ttl_seconds?: number; delegation_reason?: string; // V1 parameter names (enforcement-level pattern) enforcement_triggers?: string[]; measurement_types?: string[]; requested_ttl_seconds?: number; delegation_purpose?: string; } - src/server.ts:299-313 (registration)The tool registration for `aga_delegate_to_subagent` in `src/server.ts`.
// 19. aga_delegate_to_subagent (governed) governedTool('aga_delegate_to_subagent', 'Derive constrained policy artifact for sub-agent. Scope only diminishes. (NCCoE)', { sub_agent_id: z.string().optional(), permitted_tools: z.array(z.string()).optional(), enforcement_triggers: z.array(z.string()).optional(), measurement_types: z.array(z.string()).optional(), ttl_seconds: z.number().optional(), requested_ttl_seconds: z.number().optional(), delegation_purpose: z.string().optional(), delegation_reason: z.string().optional(), }, async (args) => handleDelegateSubagent(args, ctx), );