01
Scope Declaration
A machine-readable declaration of what an agent is authorized to do, forbidden from doing, and what requires human approval. Authored by the deploying business, enforced by the runtime, not the model.
Published Specification · Version 0.1 · Working Draft · May 2026
The Agent Deployment Standard
An open specification for responsibly deploying AI agents into operational business workflows. Authored by Keith Sherman. Published by SAIL Institute. Licensed under Apache 2.0.
Definition
What ADS is.
The Agent Deployment Standard (ADS) is a specification that defines how an AI agent is responsibly placed into an operational business workflow — covering the scope of its authority, the context it receives, the conditions under which it escalates to a human, the records it produces, the ways it recognizes known entities, and the audit trail any third party can use to verify what it did.
ADS is not a framework, a library, or a product. It is a specification — comparable in spirit to RSS, OAuth, or OpenAPI. Anyone can implement it. No one owns it. Its purpose is to give the agent ecosystem a shared vocabulary for deployment accountability.
Why it matters
The deployment problem.
Every current AI agent deployment depends on private trust between the vendor and the buyer. The vendor claims the agent behaves correctly; the buyer takes the claim on faith or builds custom audit pipelines. This does not scale, and it does not survive contact with regulated industries, enterprise procurement, or production incidents.
A shared deployment standard solves three problems simultaneously:
- Verifiability.Buyers can confirm what an agent did without trusting the vendor’s word.
- Portability. Deployment records are interoperable across platforms, vendors, and tools.
- Auditability. Regulators, auditors, and operators can inspect agent behavior using a common schema rather than vendor-specific telemetry.
The specification
Six pillars of responsible agent deployment.
A deployment is ADS v0.1 conformant when all six are implemented and verifiable.
02
Context Handoff Protocol
Authenticated transfer of structured context when upstream systems invoke an agent — what triggered the interaction, who the counterparty is, what history exists, what constraints apply.
03
Escalation Triggers
A taxonomy of conditions under which an agent must hand off to a human: emergency triggers, scope-boundary triggers, confidence triggers, explicit-request triggers, and repetition triggers. Enforced by the runtime.
04
Completion Records
A structured, signed record of every agent interaction: what was attempted, what was accomplished, what was refused, what was escalated. The unit of accountability.
05
Known-Entity Recognition
How agents identify returning counterparties — through deterministic identifiers, with appropriate disclosure, applied context, and full audit logging.
06
Verifiable Audit Trail
The combination of scope declarations, context handoffs, completion records, and escalation logs — complete, queryable, tamper-evident, portable, and retained.
The full specification — including conformance criteria, relationship to other standards, and the v0.x roadmap — is published on GitHub.
Read the Full SpecificationCommon questions
Frequently asked questions.
What is the Agent Deployment Standard (ADS)?
The Agent Deployment Standard (ADS) is an open specification for responsibly deploying AI agents into operational business workflows. It defines six pillars: scope declaration, context handoff protocol, escalation triggers, completion records, known-entity recognition, and verifiable audit trail. ADS is published by SAIL Institute under the Apache 2.0 license.
Who publishes the Agent Deployment Standard?
ADS is published by SAIL Institute, an independent standards organization founded in 2026 by Keith Sherman. The specification is openly developed on GitHub and licensed under Apache 2.0.
How is ADS different from agent identity or capability standards?
ADS focuses specifically on the deployment layer — the operational contract between an agent and the business workflow it serves. It is distinct from agent identity standards like W3C DIDs and Verifiable Credentials, and from capability standards like Anthropic's Model Context Protocol (MCP). ADS assumes the agent exists, is identified, and is capable, and specifies how it is deployed.
Is ADS production-ready?
ADS v0.1 is a working draft, published openly to invite review and contribution from operators deploying AI agents in production. A stable v1.0 with conformance test suite is targeted for late 2026. The specification is intended to be shaped by people doing the work.
What license does ADS use?
ADS is published under the Apache 2.0 license. Implementations may be open or proprietary; conformance is determined by behavior, not licensing.
Authorship and governance
Authored from production.
ADS was authored by Keith Sherman, founder of SAIL Institute, drawing on direct experience deploying voice and operational AI agents into trades businesses and other operational SMBs. The specification is informed by — and pressure-tested against — production deployments in regulated and customer-facing contexts.
ADS is openly developed on GitHub. Contributions, critiques, and implementation reports from the agent operator community are welcomed.