Governance has to evolve with the technology.
Three proprietary frameworks define how Hexaxia AI builds, operates, and evolves autonomous systems. AGF says what agents can and cannot do. APF says how they behave. ASIP says how they change, with a human in the loop on every change. All three are model-agnostic: they apply to any agent regardless of the LLM underneath.
What can our AI agents do, and how do they change?
Most AI vendors will tell you what their agents do well. We document what ours are allowed to do at all, how they are supposed to do it, and how they are allowed to change. The three frameworks below are the substrate behind every Hexaxia AI product and every engagement.
AGF
Agent Governance Framework
What agents can and cannot do.
Authorization scopes. Safety boundaries. Audit requirements. Compliance posture. Lifecycle controls. Escalation paths. The constitution that defines the limits of agent action.
APF
Agentic Protocol Framework
How agents behave.
Ten operational protocols that prevent the failure modes that wreck production AI agents. Temporal grounding. Session context. Epistemic honesty. Self-fix. Delegation. How the institution operates within the constitution.
ASIP
Agent Self-Improvement Protocol
How agents change, without drift.
Agents notice friction. Agents write proposals. Humans review on their own clock. Approved changes land in memory, skill, or behavior. Rejected ones get a reason. Every evolution leaves a trail. The amendment process that keeps agents improving without drifting.
All three frameworks are proprietary intellectual property of Hexaxia. Clients see the source documents during onboarding and may cite them in their own security and compliance documentation.
Six domains, written down.
Each domain has its own document. Each policy is numbered and citable. Each template is reusable across agents.
Authorization
Who can deploy which agent. What scope it operates in. How permissions are granted and revoked. Cross-agent communication rules.
Safety
Prohibited actions. Confidence thresholds before automation. Human-in-the-loop gates. Kill switches and circuit breakers when the agent is doing something it should not.
Audit
Every action logged. Every decision carries its reasoning. Incident documentation is structured. Responsibility chains are explicit.
Compliance
AI ethics standards. Regulatory posture. Client rights. Data handling. Where the agent stops because the law says so.
Lifecycle
Versioning agents. Deploying them. Rolling them back. Deprecating them. The boring operational discipline that keeps the system stable.
Escalation
When the agent hits something it cannot handle, where does it go. Classification. Response procedures. Post-incident review that actually changes something.
Ten protocols, each killing a failure mode.
APF is the operational reliability layer between foundation models and production deployment. Every protocol addresses a documented failure mode that ungoverned agents reliably hit.
Date/Time Awareness
Prevents: Temporal disorientation
Session Context
Prevents: Session amnesia
Theorizing & Verification
Prevents: Epistemic confusion
Self-Fix
Prevents: Error accumulation
Persistent Task Tracking
Prevents: Cross-session discontinuity
Permission
Prevents: Uncontrolled state changes
Subagent Delegation
Prevents: Inefficient resource use
Plus three more, including enforcement and self-awareness
Improvement, not drift.
Two failure modes wreck AI agents over time. They stagnate, or they drift. ASIP is how we get neither. Every change is proposed, reviewed, and recorded. No silent updates. No quiet personality shift.
- 01Observe
Agents notice friction, gaps, or repeated workarounds during normal operation. Operator corrections count too. Anything that should generalize gets flagged.
- 02Propose
Agents write a structured proposal: observation, current behavior, proposed change, expected impact. Numbered, citable, with a category (memory, skill, behavior, tooling, architecture, process).
- 03Review
A human reviews on their own clock. Approved goes to the applied queue. Rejected gets a reason. The agent is told not to push for immediate approval. Drift is what happens when this step gets skipped.
- 04Apply
Approved changes land in the right surface: memory file, skill update, behavioral rule, code change. The trail stays: the proposal, the review, the version of the agent that did the work afterward.
Proposal categories
- Memory
- Skill
- Behavior
- Tooling
- Architecture
- Process
Off-the-shelf governance is a slide deck.
There is no shortage of AI safety frameworks on the public internet. Most of them are non-operational. They describe principles. They do not tell your agent what to do at three in the morning when something is going sideways.
We built AGF and APF because we needed both layers to be executable, not aspirational. A policy that does not have a numbered enforcement path is a wish. A protocol that does not have a failure mode it prevents is decoration. Every rule in these frameworks earns its place by killing a specific problem we have seen in production AI systems.
The frameworks stay proprietary because the substance is the IP. We invested in writing them, refining them against real engagements, and keeping them sharp. Clients see the actual documents during engagement, can cite them in their own security posture, and inherit the rigor without paying for the rebuild.
Not a document. A substrate.
Every executive in the boardroom runs against AGF and APF. Authorization scopes, audit trails, escalation paths. The boardroom keeps the receipts.
Engagements include both frameworks as the policy substrate. Your team gets the rules and the principal who runs against them.
When we ship code in your repo, the systems we build inherit the AGF and APF defaults. You can override them; you cannot accidentally skip them.
See the frameworks the way clients do.
The frameworks live inside engagements, not on a public download page. If you want to read them in detail, the path is a conversation. Fractional CAIO or Build-with brings them into your stack.