Agent identity does not confer authority. This lab demonstrates a concrete instance of that principle: an agent can operate on external capabilities without holding persistent authority. Authority is issued as a time-bounded grant, formally justified through a provenance chain, recorded in an append-only ledger, and mandatorily revoked after use. The system implements a six-state capability lifecycle (requested → evaluated → granted → active → completed → revoked), enforced through a governor layer architecturally separated from the protocol adapter (mcp-bridge). Six Architectural Decision Records (ADR-001 through ADR-006) govern the design constraints. A key finding is that the mcp-bridge pattern requires explicit architectural constraints to prevent governance collapse: without ADR-005, the adapter naturally accumulates governance logic, collapsing the authority/execution boundary. The implementation passes four validation scenarios and produces deterministic post-hoc audit via replayCapabilitySession. This project extends AI-Workflow-Learning-Lab v2.0 and instantiates in running code the AMO core principle: authority must collapse before mutation becomes reachable.
Ricardo Rubio Albacete (Sun,) studied this question.