G

Technical Appendices

Technical Appendices

Appendix Index#

Appendix

Description

A

Workspace Module Registry

B

Execution State Reference

C

Policy Profile Schema

D

Artifact Schema

E

Knowledge Object Schema

F

Approval Request Schema

G

Tool Contract Schema

H

Risk Tier Classification

I

Audit Event Schema

J

Workspace Layer Integration Map

K

Execution Pipeline Reference

L

Glossary

Appendix A — Workspace Module Registry#

The following table lists all modules within Gao Workspace, their category, and their primary integration target.

Module

Category

Primary Integration

Seal

User-Facing

GAR Runtime

Gao Monitor

User-Facing

Automation, AI OS

Approval Center

User-Facing

Policy Gate, GAR

Gao Studio

Builder & Orchestration

Agent Builder, GAR

Agent Builder

Builder & Orchestration

GAR Runtime

Automation

Builder & Orchestration

GAR Runtime

Tools

Builder & Orchestration

GAR Runtime

Knowledge

Data & Intelligence

Memory Graph, Artifacts

Artifacts

Data & Intelligence

Storage, Knowledge

Memory Graph

Data & Intelligence

GAR Planning Engine

Storage

Data & Intelligence

Artifacts, DePIN Layer

Messaging

Operational

Automation, GAR

Projects

Operational

Apps, Knowledge, Artifacts

CRM

Operational

Knowledge, Automation

Apps

Operational

Domain Layer, Billing

Marketplace

Operational

Apps, Artifacts

Billing

Operational

Payment Layer (L4)

Admin

Operational

Approval Center, Billing, Projects

Appendix B — Execution State Reference#

GAR tracks execution state for all active and historical sessions.

Session States#

State

Description

initializing

Session is being prepared

planning

Planner is decomposing the request

policy_check

Policy Gate is evaluating the planned actions

pending_approval

Waiting on Approval Center decision

executing

Active execution in progress

suspended

Execution paused

completed

Execution finished successfully

failed

Execution terminated with errors

cancelled

Execution cancelled by user or system

expired

Session elapsed maximum allowed duration

Task States#

State

Description

queued

Task is scheduled for execution

running

Task is actively executing

completed

Task finished successfully

failed

Task terminated with an error

skipped

Task bypassed due to dependency resolution

blocked

Task blocked by policy or approval gate

Appendix C — Policy Profile Schema#

Policy profiles define the governance rules applied to agent executions within a workspace.

{
 "policy_id": "string",
 "domain": "string",
 "version": "string",
 "created_at": "ISO8601 timestamp",
 "rules": [
  {
   "rule_id": "string",
   "action_category": "string",
   "condition": {
    "threshold": "number | null",
    "connector_scope": ["string"],
    "environment_scope": ["string"]
   },
   "enforcement": "allow | require_approval | deny",
   "approver_roles": ["string"],
   "expiry_seconds": "number | null"
  }
 ],
 "safe_mode": "boolean",
 "default_enforcement": "allow | require_approval | deny"
}

Policy enforcement values

Value

Behavior

allow

Action proceeds without interruption

require_approval

Action is routed to the Approval Center

deny

Action is blocked and logged

Appendix D — Artifact Schema#

Artifacts are the persistent output objects produced by GAR executions.

{
 "artifact_id": "string",
 "owner_domain": "string",
 "producer_agent": "string",
 "session_id": "string",
 "artifact_type": "string",
 "content_hash": "string",
 "version": "integer",
 "created_at": "ISO8601 timestamp",
 "lineage": {
  "parent_artifact_ids": ["string"],
  "source_knowledge_ids": ["string"]
 },
 "storage_ref": "string",
 "metadata": {
  "label": "string",
  "tags": ["string"],
  "description": "string"
 },
 "status": "active | archived | promoted"
}

Artifact types

Type

Description

report

Generated analysis or summary document

dataset

Structured data output

application

Deployable application bundle

media

Generated image, audio, or video

log

Execution trace or audit log

deployment_bundle

Infrastructure deployment package

api_definition

API contract or schema

browser_capture

Web automation output

Appendix E — Knowledge Object Schema#

Knowledge objects represent processed, indexed information available to agents.

{
 "knowledge_id": "string",
 "domain": "string",
 "source_type": "document | connector | artifact | web | internal",
 "source_ref": "string",
 "classification": "trusted | internal | external | unverified",
 "created_at": "ISO8601 timestamp",
 "updated_at": "ISO8601 timestamp",
 "content_summary": "string",
 "chunk_count": "integer",
 "embedding_model": "string",
 "metadata": {
  "title": "string",
  "tags": ["string"],
  "language": "string"
 },
 "memory_graph_registered": "boolean"
}

Classification definitions

Appendix F — Approval Request Schema#

Approval requests are created by the Policy Gate when an action requires human authorization.

{
 "request_id": "string",
 "domain": "string",
 "requesting_agent": "string",
 "session_id": "string",
 "action_type": "string",
 "action_detail": {
  "description": "string",
  "parameters": {}
 },
 "risk_tier": "low | medium | high | critical",
 "created_at": "ISO8601 timestamp",
 "expires_at": "ISO8601 timestamp",
 "status": "pending | approved | rejected | deferred | expired | cancelled",
 "approver_roles_required": ["string"],
 "decisions": [
  {
   "approver_domain": "string",
   "decision": "approve | reject | defer",
   "decided_at": "ISO8601 timestamp",
   "note": "string | null"
  }
 ],
 "multi_approver_required": "boolean",
 "approvals_required_count": "integer"
}

Appendix G — Tool Contract Schema#

Tool contracts define the interface and governance requirements for callable tools.

{
 "tool_id": "string",
 "tool_name": "string",
 "version": "string",
 "execution_environment": "sandbox | browser | connector | infrastructure",
 "capability_required": "string",
 "risk_tier": "low | medium | high | critical",
 "input_schema": {},
 "output_schema": {},
 "timeout_seconds": "integer",
 "idempotent": "boolean",
 "requires_approval": "boolean",
 "connector_id": "string | null",
 "metadata": {
  "description": "string",
  "tags": ["string"],
  "author_domain": "string"
 }
}

Execution environments

Environment

Description

sandbox

Isolated computation environment

browser

Controlled browser automation session

connector

External API via registered connector

infrastructure

DePIN or network-level operation

Appendix H — Risk Tier Classification#

The Policy Gate assigns a risk tier to every planned action before execution.

Tier

Label

Examples

Default Enforcement

1

low

Read-only data retrieval, knowledge queries

Allow

2

medium

Artifact creation, internal data writes

Allow

3

high

Connector operations, payment intents, application deployment

Require Approval

4

critical

Domain authority changes, irreversible infrastructure actions

Require Approval

Risk tier thresholds may be adjusted through policy profiles in the Admin module.

Appendix I — Audit Event Schema#

Every significant action within Workspace produces an audit event.

{
 "event_id": "string",
 "domain": "string",
 "event_type": "string",
 "actor": {
  "type": "user | agent | system",
  "id": "string"
 },
 "session_id": "string | null",
 "task_id": "string | null",
 "artifact_id": "string | null",
 "approval_request_id": "string | null",
 "timestamp": "ISO8601 timestamp",
 "outcome": "success | failure | blocked | pending",
 "detail": {},
 "immutable": true
}

Audit event types

Event Type

Description

session_started

GAR execution session initiated

session_completed

GAR execution session finished

policy_evaluated

Policy Gate completed an evaluation

approval_requested

Approval Center received a new request

approval_decided

Approver submitted a decision

action_executed

Tool or connector action performed

artifact_created

New artifact produced

knowledge_registered

Knowledge object added to index

memory_updated

Memory Graph updated

connector_accessed

External connector called

domain_event

Domain authority action performed

billing_event

Usage or payment event recorded

Appendix J — Workspace Layer Integration Map#

The following table describes how Workspace integrates with each of the eight Gao Internet layers.

Layer

Integration Point

Workspace Dependency

AI OS (L8)

GAR runtime, Planning Engine, Policy Gate

All agent execution and policy enforcement

DePIN (L7)

Storage nodes, infrastructure hosting

Artifact storage, App deployment

Network (L6)

Transport relay

Connector routing, messaging delivery

Domain (L5)

Identity resolution

All domain-bound actions and authority

Payment (L4)

Receipt reading, payment intents

Billing module, payment connector

SDK (L3)

Developer integration surface

App and tool deployment

Browser (L2)

Browser automation execution

Browser tools, web connector

Workspace (L1)

Operations interface

All user-facing modules

Appendix K — Execution Pipeline Reference#

The complete Gao AI OS execution pipeline as it relates to Workspace operations.

WORKSPACE
(User / Seal / Studio / Automation / Monitor)
        │
        ▼
PLANNING ENGINE
(Intent Analysis → Task Decomposition
Tool Binding → Risk Evaluation)
        │
        ▼
POLICY GATE
(Capability Check → Domain Authority Check
Risk Tier → Budget Check → Compliance Check)

Outcome: Allow | Require Approval | Deny
        │
   ┌────┴─────────────┐
   │                  │
Allow            Require Approval
   │                  │
   ▼                  ▼
GAR Runtime       Approval Center
Execution         Human Decision
   │
   ▼
EXECUTION ENVIRONMENT
(Sandbox | Browser Automation | Connector | Infrastructure)
   │
   ▼
OUTPUT SYSTEMS
Artifact Creation
Knowledge Registration
Memory Graph Update
Audit Event Recording

Appendix L — Glossary#

Term

Definition

Artifact

Immutable, versioned output object produced by an agent or workflow execution

Audit Event

Immutable record of a significant system action, decision, or state change

Capability

A declared permission that allows an agent to perform a specific class of action

Connector

A registered integration that allows agents to interact with an external service or API

Domain

A Gao Domain identity that anchors ownership, authority, and policy scope

GAR

Gao Agent Runtime — the execution engine of Gao AI OS

Knowledge Object

A processed, indexed, and classified unit of information available to agents

Memory Graph

The persistent relationship graph linking sessions, tasks, artifacts, and knowledge objects

Policy Gate

The enforcement checkpoint that evaluates all planned agent actions before execution

Policy Profile

A structured set of rules that defines governance behavior for agent executions

Risk Tier

A classification (low / medium / high / critical) assigned to planned actions by the Policy Gate

Safe Mode

A workspace configuration that routes all agent actions through the Approval Center

Session

A bounded GAR execution context initiated by a user, agent, or automation trigger

Skill

A packaged capability bundle that extends agent functionality

Task

A discrete unit of work within an execution session

Tool

A callable operation with a defined contract that agents may invoke during execution

Tool Contract

The schema that defines a tool’s interface, environment, capabilities, and risk classification

Taint

A trust annotation applied to external or unverified content to restrict agent usage

Workspace

The Operations Layer interface of Gao Internet — the primary environment for user and organization interaction