Per-agent authority in multi-agent tasks — scoped delegation with action receipts #603

@aeoess

OWL orchestrates multi-agent task automation for real-world scenarios. Agents use tools, access files, browse the web, and interact with applications. When multiple agents collaborate on a task like "organize my inbox and respond to urgent emails," each agent needs different authority — the reader should read emails, the analyzer should classify them, and only the responder should send replies. Right now there's no enforcement preventing the analyzer from sending emails or the reader from deleting them.

Delegation per agent role in the task:

```python
from agent_passport_system import create_delegation, govern_action

# Reader: email read only
reader_delegation = create_delegation(
    delegated_to=reader_key,
    delegated_by=user_key,
    scope=["email:read", "email:list"],
    expires_in_seconds=1800
)

# Analyzer: read + classify, no send
analyzer_delegation = create_delegation(
    delegated_to=analyzer_key,
    delegated_by=user_key,
    scope=["email:read", "classification:write"],
    expires_in_seconds=1800
)

# Responder: send replies to specific threads, spend-capped
responder_delegation = create_delegation(
    delegated_to=responder_key,
    delegated_by=user_key,
    scope=["email:send:reply"],  # reply only, no new threads
    spend_limit=0,
    expires_in_seconds=1800,
    max_depth=0
)

# Analyzer tries to send → blocked
result = govern_action(
    action={"type": "email:send", "to": "someone@example.com"},
    delegation=analyzer_delegation,
    passport=analyzer_passport
)
# result["permitted"] == False — analyzer can't send
```

Every tool call produces an Ed25519-signed receipt. When the multi-agent task completes, the user has a full audit trail: which agent did what, under what authority, and the signed proof for each action.

`pip install agent-passport-system` (v0.8.0, Apache-2.0) or `npm install agent-passport-system` (v1.36.2). Gateway at aeoess.com/portal.html.
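A sketch of the checks a reviewer would expect behind the behaviour described in the issue, added here as an example; it is not part of the original post and is not agent_passport_system code. It shows a deny-by-default scope check and a receipt for every decision, using the constructed analyzer and responder delegations below. Assumptions: all names are hypothetical, the hierarchical `:` scope matching is this example's choice rather than the library's documented semantics, and HMAC-SHA256 from the standard library stands in for the Ed25519 signature.

```python
import hashlib
import hmac
import json

# Hypothetical names throughout; this is not agent_passport_system code.
RECEIPT_KEY = b"constructed-demo-key"  # HMAC stand-in for an Ed25519 signing key
T0 = 1_700_000_000                      # constructed issue time (epoch seconds)
ANALYZER = {"delegated_to": "analyzer", "expires_at": T0 + 1800,
            "scope": ["email:read", "classification:write"]}
RESPONDER = {"delegated_to": "responder", "expires_at": T0 + 1800,
             "scope": ["email:send:reply"]}


def scope_permits(granted, action_type):
    """A grant covers an action if equal to it or a ':'-delimited ancestor of it.

    Matching on whole segments keeps "email:send" from covering "email:sendall",
    and a narrow grant ("email:send:reply") never covers the broader "email:send".
    """
    return any(action_type == g or action_type.startswith(g + ":") for g in granted)


def _mac(body):
    # Canonical JSON so signer and verifier hash identical bytes.
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(RECEIPT_KEY, payload, hashlib.sha256).hexdigest()


def govern(delegation, agent, action, now):
    """Deny by default; return (permitted, receipt). Denials get receipts too."""
    if agent != delegation["delegated_to"]:
        reason = "wrong_agent"        # delegation presented by another agent
    elif now >= delegation["expires_at"]:
        reason = "expired"
    elif not scope_permits(delegation["scope"], action.get("type", "")):
        reason = "out_of_scope"
    else:
        reason = "ok"
    body = {"agent": agent, "action": action, "scope": delegation["scope"],
            "permitted": reason == "ok", "reason": reason, "ts": now}
    return reason == "ok", dict(body, mac=_mac(body))


def verify_receipt(receipt):
    """Recompute the MAC over everything except the MAC itself."""
    body = {k: v for k, v in receipt.items() if k != "mac"}
    return hmac.compare_digest(_mac(body), receipt.get("mac", ""))
```

Because denied attempts are receipted as well, the audit trail records an agent probing outside its scope, not only the actions that went through.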
