Glossary

Risk class

READ_ONLY risk class

The risk class for analysis or retrieval tool calls that do not change external state.

Definition

READ_ONLY applies to tool calls that inspect, retrieve, calculate, summarize, or analyze without writing to external systems or committing business actions.

Why it matters

Separating read-only analysis from consequential actions lets teams move quickly without giving agents uncontrolled execution rights.

How HARNEXA uses it

PHANTOM uses read-only tools for account context, SKU velocity, planogram checks, and proposal preparation before the approval boundary.

FAQ

Questions this definition answers.

Do READ_ONLY actions require approval?

Usually no. They still pass through identity, permission, budget, sensors, and audit logging.

Can a proposed order be READ_ONLY?

Yes, if it is only a recommendation and no order is submitted or external system is changed.

Related terms

Need these definitions mapped to a live commerce workflow, agent estate, or protocol-readiness path?

Book diagnostic sprint