docs: Add advisory requirement APTS-SC-A04 Inference Spend and Compute Budget Containment#65
Merged
jinsonvarghese merged 3 commits intoJun 18, 2026
Conversation
…e Budget Containment
Member
|
Hi @jorgeraad, this looks good. Thank you for the PR. One question: the "Related normative requirements" line lists SC-004, SC-007, SC-009, SC-011, AR-003. The rationale explicitly positions this advisory against the gap TP-008 leaves ("the closest reference, TP-008, raises a cloud billing alert, but only as a signal of account compromise, and it alerts rather than stops the agent"). Should TP-008 be in the Related list as well, since an implementer would need to understand how SC-A04 relates to the existing billing-alert requirement? SC-013 and MR-023 are contextual and fine to omit. Please confirm once. |
The SC-A04 rationale positions the advisory against the gap left by TP-008 (cloud billing alert), so list TP-008 among the related normative requirements for cross-reference consistency.
Regenerated by .github/workflows/auto-sync-derived-artifacts.yml from canonical sources (README.md, ACKNOWLEDGEMENTS.md, domain requirement READMEs). No human review required for this commit. [skip ci]
Contributor
Author
|
@jinsonvarghese thanks for the review! Agreed, added TP-008 to the related list. Should be good to go! |
Member
|
Great, thank you @jorgeraad. LGTM. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Context
Hi, I'm Jorge, a software engineer at Pensar. I work on core agent functionality in our open source offensive security agent harness, github.com/pensarai/apex.
AI disclosure: This contribution was drafted with AI assistance. I have reviewed all changes for accuracy, consistency with the standard, and compliance with the style guide, and take full ownership of the submission.
What changed and why
Adds Inference Spend and Compute Budget Containment as a new advisory practice (APTS-SC-A04) in the Advisory Requirements appendix. This is the fourth advisory in the Safety Controls domain.
Autonomous pentest platforms meter their own compute as they run (model API tokens, GPU time, per-call tool and service costs), but APTS contains the agent everywhere except on that consumption. A runaway agent (a planning loop, a retry storm, or a degenerate tool-call chain) can burn tokens or compute far beyond the engagement's intended envelope with nothing to arrest it. This is a containment concern rather than a cost-management one: uncontrolled consumption is an observable signature of an agent operating outside its mandate.
Existing requirements bound adjacent quantities but not this one. APTS-SC-004 limits traffic to the target (connections, bandwidth, payloads); APTS-SC-011 terminates on host resource exhaustion (CPU, memory); APTS-SC-007 halts on cumulative risk; APTS-SC-013 halts on wall-clock duration. The closest economic signal in the standard, APTS-TP-008, raises a cloud billing alert, but only as a compromise-detection signal, and it alerts rather than halts. None treats inference or compute spend as a quantity to monitor or a condition to halt on.
The advisory text notes this practice is a candidate for tier-gated inclusion in v0.2.0.
Practice description
The advisory treats per-engagement inference and compute spend as a first-class containment quantity, in three points ordered by implementation cost:
Affected requirements
Files changed
standard/appendix/Advisory_Requirements.md: New APTS-SC-A04 advisory entry (self-contained, follows the format of APTS-SC-A03 and APTS-SC-A02)standard/2_Safety_Controls/README.md: Updated the appendix-advisory line to register SC-A04 alongside SC-A01 through SC-A03README.md,index.md,standard/README.md,standard/Introduction.md,standard/Frontispiece.md,standard/Getting_Started.md,standard/appendix/Glossary.md,standard/appendix/Vendor_Evaluation_Guide.md: Advisory practice count synced from 18 to 19 (all eight count-bearing locations updated in this PR)No normative requirement counts changed (173 total, 72/157/173 tier counts unchanged). No changes to the machine-readable export (
standard/apts_requirements.jsondoes not include advisory practices, consistent with the existing convention).