Skip to content

kevglynn/agentic-covenant

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 

Repository files navigation

The Agentic Covenant

A Code of Conduct for open source communities where humans and AI agents collaborate.

Current version: v1.1 (April 2026) — read the full text

Why this exists

There are now dozens of AI contribution policies across open source — nearly all written reactively, in defense against floods of low-quality AI-generated pull requests. They all answer the same question: "Should we allow AI contributions, and under what conditions?"

That's the wrong question. The right one:

How do you govern a community where AI agents are legitimate, welcome contributors operating alongside humans?

The Contributor Covenant — adopted by hundreds of thousands of projects — assumes all participants are human. It says nothing about who is accountable when an agent submits plagiarized code, what happens when an agent floods a project with 40 PRs in an hour, whether disclosure can be used against a contributor, or what protects a human whose in-progress work is silently superseded by a faster agent.

The Agentic Covenant answers those questions.

The three principles

  1. Operator accountability. Agents are tools operated by accountable community members. "My AI wrote that" is not a defense. The enforcement ladder targets the human principal, not the tool.
  2. Quality as a shared obligation. Reviewer attention is finite. The lower the barrier to producing contributions, the higher the obligation to ensure quality before submission. In return, maintainers owe every contribution a review on its merits — not on its origin.
  3. Explicit, enforceable welcome. AI-supervised contributions are a legitimate, valued way to participate. Differential treatment based on tooling is a conduct violation — made sustainable by rate limits, circuit breakers, and quality floors.

What's novel

  • Disclosure Safe Harbor — disclosure is required for substantial AI assistance (the Linux kernel's Assisted-by convention), and using someone's disclosure against them is itself a conduct violation. Balanced by a Maintainer Discretion clause: good-faith quality decisions are never conduct violations, but a quality justification doesn't insulate a pattern of differential treatment.
  • Per-principal rate limits — limits apply to the human operator, not the account. Circumventing limits through account proliferation is a violation.
  • First-mover priority with a quality floor — in-progress work is protected from silent superseding, but stub PRs filed to squat on issues don't earn priority.
  • Prompt injection as a conduct issue — adversarial payloads targeting AI agents (in code comments, docs, commit messages, issues) are explicitly unacceptable behavior, not just a security bug.
  • Enforcement targets principals — you can't ban an agent, but you can ban its operator. Switching tools doesn't reset your record.

Structure and modularity

Part Contents Depends on
I Community Standards (extends the Contributor Covenant) standalone
II Principal-Agent Framework — accountability, disclosure, safe harbor standalone
III Agent Operating Standards Part II
IV Contributor Protection — first-mover priority, attribution standalone
V Enforcement — graduated ladder targeting principals Parts II + III

Part II alone is valuable for any project navigating AI contributions.

Adopting it

  1. Copy COVENANT.md into your project as CODE_OF_CONDUCT.md
  2. Replace the contact email with your project's enforcement contact
  3. Adjust rate limits and thresholds to your community's scale
  4. Keep the attribution

Origin and status

The Agentic Covenant was authored by Kevin Glynn for the beads project — a distributed graph issue tracker built for AI agents, and a community where agents are already first-class contributors.

  • v1.0 (April 2026) was developed through parallel research: an audit of existing AI policies (Linux kernel, pip, Ghostty, QEMU, LinkML), a security review, and ten-scenario edge-case stress testing.
  • v1.1 followed three rounds of adversarial subagent stress-testing, which tightened the mutual-obligation framing, narrowed the Disclosure Safe Harbor to project scope, and added the Maintainer Discretion clause.
  • Upstream adoption by beads is proposed in gastownhall/beads#3395 (open). This repository is the standalone, citable home of the text in the meantime.
  • The Covenant is the governance layer of the ai-dev-playbook operating model and is adopted as the Code of Conduct by projects using it.

Where it's being discussed

The Covenant is a living document shaped in public. The primary threads:

  • gastownhall/beads#3395 — the upstream adoption PR (open). Contains the full rationale, the v1.0 → v1.1 revision history, and the review that stress-tested the framework.
  • gastownhall/beads discussion #3433"The Agentic Covenant — principles as prerequisite for adoption." A structural critique from PR review arguing the framework should name its principles as a tiebreaker for clause conflicts. May produce a v1.2.
  • kevglynn/beads community/agentic-covenant — the original authoring branch, with the commit history from v1.0 through the v1.1 stress-test revisions.
  • ai-dev-playbook — adopts the Covenant as the governance layer of its four-layer operating model (governance → discipline → onboarding → tooling), and distributes it as the Code of Conduct for projects initialized with the playbook.

Found a discussion of the Covenant elsewhere? Open an issue here and it'll be added.

Prior art

License

CC BY 4.0. Share and adapt for any purpose, with attribution.

About

The Agentic Covenant — a Code of Conduct for open source communities where humans and AI agents collaborate (CC BY 4.0)

Topics

Resources

License

Stars

1 star

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors