When you deploy an autonomous AI agent for the first time, you face a fundamental tension: the agent needs freedom to be useful, but you can’t trust it until it’s proven itself. Most platforms force you to choose — either full lockdown or full autonomy. Dealgo takes a different approach.
The Problem with Binary Trust
Traditional AI governance treats trust as a switch. An agent is either “approved” or “not approved.” This creates two failure modes: you either over-restrict capable agents (killing productivity) or under-restrict unproven agents (risking security incidents). Neither is acceptable in production.
The real world doesn’t work this way. Human employees don’t get full admin access on day one. They start with limited permissions, prove competence, and gradually earn autonomy. Agent governance should follow the same pattern.
Three Tiers, One Pipeline
Dealgo implements a three-tier governance model. Every agent starts at the bottom and can graduate upward — or get demoted back down if it drifts.
Sandbox Tier
Every new agent begins here. The governance kernel evaluates 100% of requests through the full deterministic pipeline: Classification, Scoring, Verdict, and Audit. Nothing slips through. The active capsule is always soc2-strict, enforcing the tightest possible policy regardless of workspace configuration.
This tier is designed for untrusted agents, pilot programs, and any scenario where you need absolute visibility into every action an agent takes. Auto-demotion is disabled — you can’t fall below sandbox.
Certified Tier
Once an agent demonstrates consistent compliance, it can be promoted to the Certified tier. Here, the evaluation rate drops to 20% — but this isn’t random sampling. Dealgo uses deterministic hash-based spot-checking to preserve audit reproducibility.
The sampling algorithm is straightforward: SHA-256(agentId:requestHash:dayBucket) produces a hash, the first 8 hex characters are parsed into a 0–99 range, and the result is compared against the evaluation threshold. The same inputs always produce the same enforcement path. No Math.random(), no flaky results, no courtroom surprises.
At this tier, the workspace capsule applies (merged with global defaults), and auto-demotion is enabled. If the system detects drift patterns like FOUNDER_DILUTION_DRIFT or APPROVAL_ACCUMULATION, the agent gets demoted back to Sandbox automatically.
Autonomous Tier
The highest trust level. Only 5% of requests are evaluated — but system floors remain enforced. No capsule, no tier, no configuration can lower the approval threshold below 50/100 or the delay threshold below 30/100. These are non-negotiable minimums baked into the kernel.
Autonomous agents have proven track records and operate with minimal friction. But the governance kernel is still there. It’s a safety net, not a cage. And auto-demotion is always active — trust is earned continuously, not granted permanently.
Deterministic Sampling: No Randomness Allowed
A critical design decision in tiered governance is how sampling works at the Certified and Autonomous tiers. Random sampling breaks auditability — if you can’t reproduce which requests were evaluated, you can’t defend your governance posture in an audit.
Dealgo uses day-bucket rotation for its hash inputs: SHA-256(agentId:requestHash:YYYY-MM-DD). This means the same agent making the same request on the same day will always get the same evaluation decision. Different days produce different sampling patterns, providing coverage rotation without randomness.
The Tighten-Only Principle
Governance capsules — the composable policy bundles that define evaluation parameters — follow a strict tighten-only rule. When multiple capsules apply to the same decision, the system uses strictest-wins merge semantics. A capsule can make policy stricter, but it can never weaken it below system floors.
This means promoting an agent to a higher tier doesn’t reduce security — it reduces overhead. The fundamental protections remain intact. An agent at the Autonomous tier still can’t bypass escalation authority, still can’t circumvent data exfiltration guardrails, and still gets blocked from destructive operations that exceed scope.
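The tighten-only merge and the system floors from the Autonomous tier section, as an added example (not Dealgo's code). It assumes thresholds are scores out of 100 where a higher threshold is stricter, so strictest-wins means taking the maximum per field; the soc2-strict and global-default values are constructed placeholders, since the page does not give them.

```javascript
// Added example (not Dealgo's code): strictest-wins capsule merge with floors.
// Assumption: a higher threshold is stricter, so the strictest value per
// field is the maximum, and nothing may drop below the kernel floors.
const SYSTEM_FLOORS = { approvalThreshold: 50, delayThreshold: 30 };

// Constructed placeholder capsules; the real contents are not on the page.
const GLOBAL_DEFAULTS = { approvalThreshold: 60, delayThreshold: 40 };
const SOC2_STRICT = { approvalThreshold: 90, delayThreshold: 70 };

// Merge any number of capsules. Each field resolves to the strictest value
// seen, starting from the floors, so a capsule can only ever tighten policy.
function mergeCapsules(...capsules) {
  const merged = { ...SYSTEM_FLOORS };
  for (const capsule of capsules) {
    for (const key of Object.keys(SYSTEM_FLOORS)) {
      const value = capsule[key];
      if (typeof value === "number" && value > merged[key]) merged[key] = value;
    }
  }
  return merged;
}

// Sandbox always runs soc2-strict regardless of workspace configuration;
// the higher tiers apply the workspace capsule merged with global defaults.
function effectiveCapsule(tier, workspaceCapsule) {
  if (tier === "sandbox") return mergeCapsules(SOC2_STRICT);
  return mergeCapsules(GLOBAL_DEFAULTS, workspaceCapsule || {});
}
```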
Auto-Demotion: Trust Is Earned Continuously
Promotion isn’t permanent. Dealgo monitors for drift patterns that suggest an agent’s behavior is changing. The chain risk analyzer tracks cross-decision patterns and flags anomalies like approval accumulation (an agent slowly testing boundaries) or founder dilution drift (governance confidence degrading over time).
When these patterns are detected, the agent is automatically demoted to a lower tier and its evaluation rate increases. No human intervention required — the system self-corrects. The agent can earn its way back up through continued compliant behavior.
Why This Matters for Production
Tiered governance solves the practical problem of scaling AI agent deployments. You can onboard dozens of agents without drowning in approval requests, because proven agents operate with minimal oversight. But you maintain full security for new and untrusted agents without any additional configuration.
The kernel never goes away. It just becomes proportional to the trust each agent has earned. And that trust is cryptographically verifiable — every tier change, every evaluation, every sampling decision is recorded in the tamper-proof audit chain.