Markitect Action Vocabulary
This document defines the action vocabulary for Markitect as a flex-auth protected system. Actions are normalized before policy evaluation so Markitect local behavior maps cleanly to CARING capabilities and exposure modes.
| Action | Markitect policy-gateway meaning | CARING capabilities | CARING planes | Exposure modes | Decision effects |
|---|---|---|---|---|---|
| read | Render or fetch one document/resource. | View | Data | Metadata, Masked, Plaintext | allow, deny, redact |
| query | Answer over a bounded resource set. | ViewCollection, Observe | Data | Metadata, Aggregated, Masked | allow, deny, redact |
| search | Search index or metadata across resources. | ViewCollection, Observe | Data | Metadata, Aggregated, Masked | allow, deny, redact |
| package | Build a context package from selected resources. | Create, Bind, ViewCollection | Intent, Data | Metadata, Masked | allow, deny, audit_only |
| activate_context | Activate a prepared context package for model/tool use. | Use, Execute | Intent, Policy | Metadata, Masked | allow, deny, audit_only |
| export | Materialize or transfer content outside Markitect. | Export | Data, Audit | Exportable, Plaintext | allow, deny, audit_only |
| workflow_run | Execute a workflow using Markitect resources. | Execute, Operate | Execution, Data, Audit | Metadata, Masked, Plaintext | allow, deny, audit_only |
| admin | Configure Markitect policy, identity, or resource controls. | Configure, Grant, Revoke, Audit | Configuration, Identity, Policy, Audit | Metadata, Plaintext | allow, deny, audit_only |

read, query, and search never imply Export. Export is separate because
it changes the exposure mode to Exportable and usually requires explicit
conditions such as MFA and logging.

The code-level source of truth is internal/markitect/actions.go. The pinned
manifest example in examples/markitect/protected_system_manifest.yaml mirrors
that vocabulary as protected-system action definitions.
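
The rule that read, query, and search never imply Export can be enforced as a lint over the vocabulary, so that drift in a manifest or code table is caught before policy evaluation. The Go program below is an added example, not the contents of internal/markitect/actions.go; `ActionDef`, `Vocabulary`, `has` and `LintExport` are hypothetical names, the rows transcribe the table above, and the drifted `search` entry in `main` is constructed.

```go
package main

import "fmt"

// ActionDef is a hypothetical row shape, not the type in internal/markitect/actions.go.
type ActionDef struct{ Name string; Capabilities, Exposure []string }

// Vocabulary transcribes the capability and exposure-mode columns of the table.
func Vocabulary() []ActionDef {
	return []ActionDef{
		{"read", []string{"View"}, []string{"Metadata", "Masked", "Plaintext"}},
		{"query", []string{"ViewCollection", "Observe"}, []string{"Metadata", "Aggregated", "Masked"}},
		{"search", []string{"ViewCollection", "Observe"}, []string{"Metadata", "Aggregated", "Masked"}},
		{"package", []string{"Create", "Bind", "ViewCollection"}, []string{"Metadata", "Masked"}},
		{"activate_context", []string{"Use", "Execute"}, []string{"Metadata", "Masked"}},
		{"export", []string{"Export"}, []string{"Exportable", "Plaintext"}},
		{"workflow_run", []string{"Execute", "Operate"}, []string{"Metadata", "Masked", "Plaintext"}},
		{"admin", []string{"Configure", "Grant", "Revoke", "Audit"}, []string{"Metadata", "Plaintext"}},
	}
}

// has reports whether v appears in list.
func has(list []string, v string) bool {
	for _, s := range list {
		if s == v {
			return true
		}
	}
	return false
}

// LintExport reports each non-export action carrying the Export capability or Exportable mode.
func LintExport(defs []ActionDef) []string {
	var findings []string
	for _, d := range defs {
		if d.Name != "export" && has(d.Capabilities, "Export") {
			findings = append(findings, d.Name+": carries Export capability")
		}
		if d.Name != "export" && has(d.Exposure, "Exportable") {
			findings = append(findings, d.Name+": allows Exportable exposure")
		}
	}
	return findings
}

func main() {
	defs := Vocabulary()
	defs[2].Exposure = append(defs[2].Exposure, "Exportable") // constructed drift in "search"
	fmt.Println(LintExport(defs))
}
```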