Action class

A classification of the actions an AI agent can take, used to define approval gates, error budgets, and audit-retention policies per category. Standard action classes used in this publication's framework: read (no state change in any system), write (state change in an internal system, recoverable), financial (state change involving money movement, irrecoverable without explicit reversal), contractual (state change with legal effect on a counterparty), identity (provisioning or modifying access to other systems).

Action class is the operational primitive that turns abstract 'governance' into specific configurable controls. Every production agent should have a documented action-class registry, every action class should have a documented approval gate, and the audit substrate should retain action-class plus planned-vs-executed for every decision. Most 2026 enterprise deployments have action-class definitions in the policy doc but no action-class enforcement in the runtime — that gap is the most-cited 2026 governance audit finding.

Related frameworks

• MTTD-for-Agents →
• GAUGE →

Articles that analyse this term

• Agentic-AI action-approval gates: the CISO control set for autonomous-actor authority
• Agent SLA architecture: what 'production-ready' actually means for autonomous, non-deterministic actors
• EU AI Act Article 12 audit-evidence template for agentic AI

Primary sources

• Anthropic. Claude with computer use — safety considerations
• OWASP. Top 10 for LLM Applications — LLM06 Excessive Agency