A Code of Conduct for open source communities where humans and AI agents collaborate.
Current version: v1.1 (April 2026) — read the full text
There are now dozens of AI contribution policies across open source — nearly all written reactively, in defense against floods of low-quality AI-generated pull requests. They all answer the same question: "Should we allow AI contributions, and under what conditions?"
That's the wrong question. The right one:
How do you govern a community where AI agents are legitimate, welcome contributors operating alongside humans?
The Contributor Covenant — adopted by hundreds of thousands of projects — assumes all participants are human. It says nothing about who is accountable when an agent submits plagiarized code, what happens when an agent floods a project with 40 PRs in an hour, whether disclosure can be used against a contributor, or what protects a human whose in-progress work is silently superseded by a faster agent.
The Agentic Covenant answers those questions.
- Operator accountability. Agents are tools operated by accountable community members. "My AI wrote that" is not a defense. The enforcement ladder targets the human principal, not the tool.
- Quality as a shared obligation. Reviewer attention is finite. The lower the barrier to producing contributions, the higher the obligation to ensure quality before submission. In return, maintainers owe every contribution a review on its merits — not on its origin.
- Explicit, enforceable welcome. AI-supervised contributions are a legitimate, valued way to participate. Differential treatment based on tooling is a conduct violation — made sustainable by rate limits, circuit breakers, and quality floors.
- Disclosure Safe Harbor — disclosure is required for substantial AI assistance (the Linux kernel's
Assisted-byconvention), and using someone's disclosure against them is itself a conduct violation. Balanced by a Maintainer Discretion clause: good-faith quality decisions are never conduct violations, but a quality justification doesn't insulate a pattern of differential treatment. - Per-principal rate limits — limits apply to the human operator, not the account. Circumventing limits through account proliferation is a violation.
- First-mover priority with a quality floor — in-progress work is protected from silent superseding, but stub PRs filed to squat on issues don't earn priority.
- Prompt injection as a conduct issue — adversarial payloads targeting AI agents (in code comments, docs, commit messages, issues) are explicitly unacceptable behavior, not just a security bug.
- Enforcement targets principals — you can't ban an agent, but you can ban its operator. Switching tools doesn't reset your record.
| Part | Contents | Depends on |
|---|---|---|
| I | Community Standards (extends the Contributor Covenant) | standalone |
| II | Principal-Agent Framework — accountability, disclosure, safe harbor | standalone |
| III | Agent Operating Standards | Part II |
| IV | Contributor Protection — first-mover priority, attribution | standalone |
| V | Enforcement — graduated ladder targeting principals | Parts II + III |
Part II alone is valuable for any project navigating AI contributions.
- Copy
COVENANT.mdinto your project asCODE_OF_CONDUCT.md - Replace the contact email with your project's enforcement contact
- Adjust rate limits and thresholds to your community's scale
- Keep the attribution
The Agentic Covenant was authored by Kevin Glynn for the beads project — a distributed graph issue tracker built for AI agents, and a community where agents are already first-class contributors.
- v1.0 (April 2026) was developed through parallel research: an audit of existing AI policies (Linux kernel, pip, Ghostty, QEMU, LinkML), a security review, and ten-scenario edge-case stress testing.
- v1.1 followed three rounds of adversarial subagent stress-testing, which tightened the mutual-obligation framing, narrowed the Disclosure Safe Harbor to project scope, and added the Maintainer Discretion clause.
- Upstream adoption by beads is proposed in gastownhall/beads#3395 (open). This repository is the standalone, citable home of the text in the meantime.
- The Covenant is the governance layer of the ai-dev-playbook operating model and is adopted as the Code of Conduct by projects using it.
The Covenant is a living document shaped in public. The primary threads:
- gastownhall/beads#3395 — the upstream adoption PR (open). Contains the full rationale, the v1.0 → v1.1 revision history, and the review that stress-tested the framework.
- gastownhall/beads discussion #3433 — "The Agentic Covenant — principles as prerequisite for adoption." A structural critique from PR review arguing the framework should name its principles as a tiebreaker for clause conflicts. May produce a v1.2.
- kevglynn/beads
community/agentic-covenant— the original authoring branch, with the commit history from v1.0 through the v1.1 stress-test revisions. - ai-dev-playbook — adopts the Covenant as the governance layer of its four-layer operating model (governance → discipline → onboarding → tooling), and distributes it as the Code of Conduct for projects initialized with the playbook.
Found a discussion of the Covenant elsewhere? Open an issue here and it'll be added.
- Contributor Covenant by Coraline Ada Ehmke — foundation for Part I
- Linux kernel coding assistants policy — the
Assisted-byconvention - LinkML AI Covenant — the "understanding over authorship" principle
- OWASP Agentic AI Top 10 — risk taxonomy
CC BY 4.0. Share and adapt for any purpose, with attribution.