Delegation Client
Status: Admitted, in build-out
The runtime delegation client contract is admitted at the SDK kernel level. The contract pins how an SDK consumer integrates with the runtime delegation gateway + output firewall; the client surface is in active build-out.
What This Client Does
The Delegation Client is the SDK surface for a mod or app that integrates with delegated capability — proposing observations, queries, intents, tool requests, presentation updates, artifact creates, or controlled tests through the runtime delegation gateway.
All proposals go through the runtime output firewall (see Runtime → Delegated Capability). The SDK does not let proposals reach a consumer surface pre-firewall.
Method Surface
| Method | Purpose |
|---|---|
OBSERVE | Submit a typed observation |
QUERY | Submit a typed query |
SUGGEST_INTENT | Propose an intent |
SUGGEST_TOOL_REQUEST | Propose a tool call |
SUGGEST_PRESENTATION | Propose a presentation update |
CREATE_ARTIFACT | Propose creating an artifact |
CONTROLLED_TEST | Run a controlled, sandboxed test |
All of these are suggestions / observations, not actions.
No Fallback Knobs
The SDK surface deliberately does not expose route / provider rescue fallback knobs for delegation. Internal runtime fallback may exist as a low-level strategy; it must not weaken typed public contracts. A delegation that fails firewall is reported as the typed failure — not silently retried with a different provider.
Reader Scenario: Mod Proposes A Tool Call
A mod backed by an external AI proposes a tool call.
- Mod calls SDK.
delegationClient.suggestToolRequest(...). - Runtime delegation gateway opens. Per the trust tier of the provider profile.
- Output firewall validates. Schema, provenance, descriptor hash, sensitivity classification, prompt poisoning detection.
- Verdict. Typed verdict (
ACCEPTED_SUGGESTION,APPROVAL_REQUIRED,QUARANTINED, etc.). - If approved: Runtime acts under its own audit lineage; SDK surfaces the typed result to the mod.
What This Client Does Not Do
- It does not let proposals bypass the output firewall.
- It does not expose route or provider rescue knobs.
- It does not let consumer code execute proposed actions directly.
- It does not silently retry across providers when contract failure.