Skip to main content
IIOS — The platform for organizational reasoning
Core platform

Agents

Agents are autonomous workers bound to a scoped view of the graph. They plan within policy, act only through governed tools, and record every decision as an immutable event — so autonomy never outruns accountability.

ForDevelopersImplementation teamsIT organizations

The agent loop

Agents run a closed perceive–plan–act–observe loop. Each pass reads current graph state, plans within its policy budget, acts through a scoped tool, and writes the outcome back as an auditable event before looping again.

Agent execution loop
Perceivegraph statePlanpolicy-scopedActscoped toolsObserverecord eventAudit ledgerevery step
Every action is mediated by policy and recorded to the audit ledger.

Defining an agent

An agent declaration binds three things: a scope (what slice of the graph it can see), a set of tools (what it can do), and a policy (the limits it operates within).

agents/maintenance.ts
export const maintenanceAgent = iios.defineAgent({
  name: "maintenance-planner",
  scope: { site: "PLANT-04", type: ["Asset", "WorkOrder"] },
  tools: [
    tools.graphQuery(),
    tools.createWorkOrder({ requireApproval: true }),
  ],
  policy: {
    minConfidence: 0.75,
    maxActionsPerRun: 10,
  },
})
Scope is a hard boundary
An agent cannot read or write outside its declared scope, even if a tool would otherwise allow it. Scope is enforced by the same policy engine that governs human access.

Invoking & inspecting runs

invoke.ts
const run = await iios.agents.invoke("maintenance-planner", {
  input: "Schedule inspections for degraded pumps this week.",
})

// Every step is an immutable, replayable event
run.steps.forEach((s) => console.log(s.kind, s.tool, s.evidence))
  • Each run produces an ordered list of immutable steps with evidence.
  • High-impact tools can require human approval before they commit.
  • Runs are fully replayable for audit and debugging.

Building agents safely

  1. 1
    Start read-only
    Ship with query tools only; observe behavior before granting write tools.
  2. 2
    Gate writes with approval
    Require human sign-off for actions that change physical or financial state.
  3. 3
    Set tight budgets
    Cap actions-per-run and minimum confidence to bound blast radius.
  4. 4
    Review the ledger
    Use the audit ledger to attest agent behavior against policy on a schedule.