PERMISSION/PROTOCOL

Parallel coding agents

Authorization receipts for parallel coding agent platforms

When your product turns tickets into agent-authored PRs, merges, deploys, or workflow changes, enterprise customers need proof that each high-risk action was authorized.

Integration sketch
const decision = await permissionProtocol.verify({
  actor: "agent:platform-worker-42",
  action: "github.pull_request.merge",
  resource: "repo:customer/payments-api:main",
  context: {
    pr: 1047,
    commit: "9f2c1a7",
    risk: "production-impacting",
    source: "ticket-to-pr-agent"
  }
});

if (!decision.authorized) {
  throw new Error("Signed authorization receipt required");
}

Agent identity

Bind the request to the platform worker, customer tenant, repo, PR, commit, and target branch.

Policy decision

Let low-risk actions proceed and require signer authority when the action can affect production.

Portable proof

Return a receipt the customer can attach to CI, audit, incident review, or enterprise security review.

Where it fits

Use receipts where agent work crosses the customer trust boundary.

Ticket-to-PR agents
Parallel background workers
Automated merge queues
Production deploy agents
Workflow mutation tools
Customer-hosted repo agents

Enterprise customers ask who authorized the agent, under what policy, and where the proof lives.

Permission Protocol gives your platform a concrete answer before the next merge, deploy, workflow mutation, or database change.