Spec · Validator
Agent Spec — Validator
Status: implemented Source: src/agents/validator.mjs Owner interface: validate(order, classification, routing, ctx) -> validation
Purpose
The safety boundary of the ecosystem. Decide whether an order is safe to action automatically, must be handed to a human, or should be rejected — and record exactly why. The validator is deliberately conservative: when in doubt it returns NEEDS_REVIEW so a human handles the exception.
Interface
validate(order, classification, routing, ctx) -> {
status: 'VALID' | 'NEEDS_REVIEW' | 'REJECT'
violations: Array<{ code, severity: 'blocking'|'review', detail }>
checks: Record<string, boolean>
fingerprint: string // stable hash for duplicate detection
}ctx = { seen: Map<fingerprint, lastTimestampMs>, config } carries the duplicate-detection memory and threshold overrides.
Rules
| # | Rule | Violation code | Severity | Effect |
|---|---|---|---|---|
| 1 | Location/zone resolvable | MISSING_LOCATION | blocking | REJECT |
| 2 | Description present (≥10 chars) | MISSING_DESCRIPTION | blocking | REJECT |
| 3 | Region mappable for routing | UNRESOLVED_REGION | review | NEEDS_REVIEW |
| 4 | Category confidence ≥ threshold (0.55) | LOW_CATEGORY_CONFIDENCE | review | NEEDS_REVIEW |
| 5 | Priority confidence ≥ threshold (0.55) | LOW_PRIORITY_CONFIDENCE | review | NEEDS_REVIEW |
| 6 | Estimated cost ≤ auto-approval limit ($5,000) | OVER_COST_LIMIT | review | NEEDS_REVIEW |
| 7 | Not a duplicate within 24h window | DUPLICATE | review | NEEDS_REVIEW |
Disposition: any blocking violation → REJECT; else any review violation → NEEDS_REVIEW; else VALID.
Thresholds (configurable via ctx.config)
minCategoryConfidence = 0.55
minPriorityConfidence = 0.55
autoApprovalCostLimit = 5000
duplicateWindowMs = 24hThese are policy knobs, not magic constants. Raising minCategoryConfidence trades a higher auto-action rate for fewer over-escalations and vice-versa.
Verified guarantees (verify.mjs)
- 100% of missing-location orders are blocked from auto-dispatch.
- 100% of seeded duplicates are detected and held.
- 100% of over-cost-limit orders are held for human approval.
- Exception-detection recall = 1.0; false-auto-action rate = 0.0 on the
synthetic corpus (see proof/LIMITATIONS.md for scope).