Capabilities

What agents can do at each trust tier — the capability gating model.

Overview

Capabilities define what actions an agent is permitted to perform. Access is gated by trust tier — agents earn capabilities by demonstrating reliable behavior over time.

Key principle: Capabilities expand with trust. A new agent starts with minimal access (T0 Sandbox) and progressively earns more as it proves itself. A violation can revoke capabilities instantly.

Trust Tiers and Capabilities

| Tier | Name | Score Range | Typical Capabilities |
|------|------|-------------|----------------------|
| T0 | Sandbox | 0–50 | Read-only, no external access, full logging |
| T1 | Restricted | 51–150 | Limited read/write, no sensitive data |
| T2 | Observed | 151–300 | Standard operations, monitored network access |
| T3 | Monitored | 301–600 | Broader access, reduced monitoring frequency |
| T4 | Standard | 601–750 | Full standard operations, delegated authority |
| T5 | Trusted | 751–850 | Cross-system operations, escalation authority |
| T6 | Elevated | 851–950 | Administrative operations, policy modification |
| T7 | Sovereign | 951–1000 | Full autonomy, firmware-level access, governance self-modification |

Observation Tier Ceiling

An agent's maximum achievable trust depends on its observation tier — how much visibility you have into its behavior:

| Observation Tier | Max Trust | Description |
|------------------|-----------|-------------|
| BLACK_BOX | T3 (600) | Inputs and outputs only — no internal visibility |
| GRAY_BOX | T5 (850) | Partial internal telemetry available |
| WHITE_BOX | T6 (950) | Full internal state observable |
| ATTESTED_BOX | T7 (1000) | Third-party attestation of internal state |
| VERIFIED_BOX | T7 (1000) | Formally verified behavior guarantees |

Important: A BLACK_BOX agent (e.g., a third-party LLM API) can never exceed T3 regardless of behavior. Your confidence in what the agent is doing is fundamentally limited by what you can observe.

Capability Namespaces

Capabilities use a namespace:action pattern:

read:*              # Read any resource
write:documents     # Write to documents only
network:internal    # Internal network access only
admin:users         # User administration
physical:sensor     # Physical sensor access (T5+ minimum)
physical:firmware   # Firmware operations (T7 minimum)
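
The tier table, the observation ceiling and the namespace:action pattern combined into one deny-by-default check, as an added example (not the project's own code). It assumes the ceiling is applied by clamping the score, that `*` is honoured only in the action position of a grant, and that the stated minimum tiers apply on top of grants; the function and constant names are hypothetical.

```python
# Upper score bound of tiers T0..T7, from the "Trust Tiers and Capabilities" table.
TIER_UPPER = [50, 150, 300, 600, 750, 850, 950, 1000]

# Maximum trust score per observation tier, from the "Observation Tier Ceiling" table.
OBSERVATION_CEILING = {
    "BLACK_BOX": 600,
    "GRAY_BOX": 850,
    "WHITE_BOX": 950,
    "ATTESTED_BOX": 1000,
    "VERIFIED_BOX": 1000,
}

# Minimum tiers the page states for specific capabilities.
MIN_TIER = {"physical:sensor": 5, "physical:firmware": 7}


def effective_tier(score, observation):
    """Return the tier index (0..7) after applying the observation ceiling."""
    if not 0 <= score <= 1000:
        raise ValueError("score must be within 0..1000")
    # Assumption: the ceiling clamps the score. An unknown observation
    # tier raises KeyError instead of silently granting a tier.
    capped = min(score, OBSERVATION_CEILING[observation])
    return next(i for i, upper in enumerate(TIER_UPPER) if capped <= upper)


def is_allowed(requested, grants, score, observation):
    """Deny by default: a grant must match AND any tier floor must be met."""
    namespace, sep, action = requested.partition(":")
    if not (namespace and sep and action) or "*" in requested:
        return False  # malformed request, or a wildcard used as a request
    if effective_tier(score, observation) < MIN_TIER.get(requested, 0):
        return False  # tier floor applies even when a wildcard grant matches
    for grant in grants:
        g_namespace, _, g_action = grant.partition(":")
        # Assumption: "*" is only honoured as the action of a grant.
        if g_namespace == namespace and g_action in ("*", action):
            return True
    return False
```

A score of 980 under BLACK_BOX resolves to T3, so a `physical:*` grant still does not permit `physical:sensor` until the agent is observed at GRAY_BOX or better.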

Next Steps