HUMAN–AGENT OPERATING CONTRACT (TEMPLATE)

Purpose
Define how humans and AI tools/agents are allowed to produce work, how decisions are recorded, and how accountability is assigned.

1) Scope (pick one)
[ ] Engineering (code + infra)
[ ] Product (specs + roadmap)
[ ] Data/Analytics
[ ] Customer Support

2) Allowed Uses (be explicit)
- Drafting: first-pass specs, meeting notes, PR descriptions, test plans.
- Transformation: refactors, migrations, log parsing, ticket triage.
- Disallowed by default: anything that changes production behavior or customer commitments without human sign-off.

3) Data Handling Rules
- Approved data types for external tools:
  - (example) public docs, non-sensitive sample data
- Prohibited data types:
  - customer PII, secrets, access tokens, private keys, proprietary customer contracts
- If unsure: stop and ask in #security (or open a ticket).

4) Decision Record Requirement
Any material change requires a decision record stored in:
- Location: /docs/adr/
Decision record must include:
- Decision
- Rationale
- Tradeoffs
- Revisit trigger/date
Owner (human): ____________________

5) Evidence Standard (what “good” looks like)
For agent-generated output to be accepted, it must include at least one of the following:
- Repro steps
- Tests (unit/integration)
- Benchmark or before/after behavior notes
- Threat model notes (for security-sensitive areas)

6) Workflow Gates (define your non-negotiables)
- Spec gate: acceptance criteria written before implementation starts.
- CI gate: tests + lint must pass; exceptions require a named approver.
- Release gate: rollback plan documented (flag/canary/revert steps).
- Post-release gate: owner posts “expected vs observed” within the agreed window.

7) Ownership and Escalation
- Every task has a single human DRI (Directly Responsible Individual): __________
- On-call escalation path:
  1) __________
  2) __________
  3) __________

8) Tooling Inventory (list what’s approved)
- Chat assistant(s): ____________________
- IDE assistant(s): ____________________
- Agent tool(s): ____________________
- CI/policy tools: ____________________

9) Review Policy
- Sensitive directories/components require CODEOWNERS review.
- Reviewers are expected to challenge:
  - unclear ownership
  - missing tests
  - missing decision record
  - unclear rollback plan

10) Sunset / Revisit
This contract expires on: __________
Revisit questions:
- Where did agents help the most?
- Where did quality or clarity degrade?
- Which gates prevented real issues?
- What should be tightened or removed?