Oversight is an open standard for governing AI agents in production to make them safe, stoppable, and auditable.

fracticshq/oversight

Oversight Protocol

The open standard for governing AI agents in production.

AI agents are moving from experiments to real operators inside companies. They read internal data, generate customer-facing output, and trigger actions.

Most organizations cannot answer basic questions:

  • Which agents exist?
  • What is each agent allowed to see?
  • What actions can they take?
  • Can we stop one instantly?
  • Why did it do what it did?

The Oversight Protocol defines the missing layer:
identity, access control, supervision, and auditability for AI agents.

This specification is authored and released by Fractics (https://fractics.com).


What Oversight Is

Oversight is a protocol, not a product.

It defines the minimum control surface required to safely run AI agents in real systems—similar in spirit to:

  • IAM for humans
  • orchestration for containers
  • transaction layers for payments

It is designed to sit below agent frameworks and above data and actions.


Core Principle

Agents never act directly.
They act through Oversight.

If an agent bypasses the control plane, it is operating out of policy.


Mental Model

Treat agents like employees or consultants.

Just as humans require:

  • onboarding
  • scoped access
  • supervision
  • termination
  • audit trails

Agents require the same.

Oversight provides this structure.


Protocol Overview

At a high level, Oversight introduces four mandatory primitives:

  1. Agent Identity
    Every agent has a unique identity and lifecycle.

  2. Context Gating
    Agents request context for a task; policies determine what is allowed.

  3. Kill Switch
    Agents can be suspended or terminated instantly and globally.

  4. Audit Logs
    Every request and decision is recorded immutably.

Optional extensions include action gating, approvals, and delegated authority.


Architecture (Logical)

    Agent
      ↓
    Oversight API
      ↓
    Policy Engine
      ↓
    Context Broker / Action Gateway

All agent activity passes through this spine.
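
The four mandatory primitives and the single request path can be sketched in a few lines. This is an added illustration, not code from the Oversight specification or from Fractics. Assumptions: the class, method, scope and decision names are all hypothetical, state is kept in memory, and a SHA-256 hash chain stands in for immutable storage (it makes edits to past records detectable rather than impossible).

```python
import hashlib
import json

GENESIS = "0" * 64  # prev-hash of the first audit record

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class ControlPlane:  # hypothetical in-memory control plane, not the Oversight API
    def __init__(self):
        self.agents = {}  # agent_id -> {"status": str, "allowed": set of scopes}
        self.audit = []   # append-only, hash-chained decision records

    def _log(self, agent_id, event, detail, decision):  # Audit Logs
        body = {"seq": len(self.audit), "agent": agent_id, "event": event, "detail": detail,
                "decision": decision, "prev": self.audit[-1]["hash"] if self.audit else GENESIS}
        self.audit.append({**body, "hash": _digest(body)})
        return decision

    def register(self, agent_id, allowed_scopes):  # Agent Identity + policy attachment
        if agent_id in self.agents:
            return self._log(agent_id, "register", sorted(allowed_scopes), "deny:duplicate")
        self.agents[agent_id] = {"status": "active", "allowed": set(allowed_scopes)}
        return self._log(agent_id, "register", sorted(allowed_scopes), "allow")

    def kill(self, agent_id):  # Kill Switch: applies to the very next request
        if agent_id not in self.agents:
            return self._log(agent_id, "kill", [], "deny:unknown_agent")
        self.agents[agent_id]["status"] = "terminated"
        return self._log(agent_id, "kill", [], "allow")

    def request_context(self, agent_id, scopes):  # Context Gating: default deny
        agent = self.agents.get(agent_id)
        if agent is None:
            decision = "deny:unknown_agent"
        elif agent["status"] != "active":
            decision = "deny:" + agent["status"]
        else:
            decision = "allow" if set(scopes) <= agent["allowed"] else "deny:out_of_policy"
        return self._log(agent_id, "context", sorted(scopes), decision)

    def verify_audit(self):  # recompute the chain; an edited or reordered record breaks it
        prev = GENESIS
        for i, rec in enumerate(self.audit):
            body = {k: v for k, v in rec.items() if k != "hash"}
            if rec["seq"] != i or rec["prev"] != prev or rec["hash"] != _digest(body):
                return False
            prev = rec["hash"]
        return True
```

Denied requests are logged exactly like allowed ones, so the audit trail also answers why an agent was refused. Dropping records from the end of the chain is not detected by this check alone; that needs the latest hash anchored somewhere the log writer cannot change.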


What Oversight Is Not

Oversight does not:

  • define how agents reason or plan
  • provide models or inference
  • orchestrate workflows
  • replace agent frameworks
  • store business data

Those concerns remain with downstream systems.


Who This Is For

  • Teams deploying AI agents in production
  • Enterprises concerned about compliance and risk
  • Builders who want their agents to be enterprise-ready
  • Platforms that need a neutral governance layer

Adoption Model

Oversight is designed for incremental adoption.

A minimal compliant implementation supports:

  • agent registration
  • policy attachment
  • context gating
  • kill switch
  • audit logging

No rewrite required.


Status

Oversight Protocol Specification (OsPS)

  • Version: 0.1.0 (Draft)
  • Stability: Experimental
  • Breaking changes: Possible before v1.0.0
  • Last Updated: 2026-01-29
  • Official Website: https://oversight.fractics.com

Community feedback and proposals are encouraged.


License

The Oversight Protocol is open-source and released under the Apache License 2.0.

Trademarks related to Oversight are retained by Fractics. See LICENSE, NOTICE, and TRADEMARK.md for details.


Why Oversight Exists

AI capability is accelerating faster than governance.

Oversight exists to ensure that as agents become more autonomous, they remain:

  • accountable
  • auditable
  • stoppable
  • trustworthy

AI will be everywhere.
Control must be somewhere.

Oversight defines that place.
