PUBLIC

Models Propose. HELM Governs Execution.

Keep model suggestions separate from the boundary that allows action

Models should propose actions while HELM governs execution.

CURRENT 4 min Introductory Paper
Article map
Maps to
Maps to HELM AI Kernel
Status
PUBLIC
Reviewed
2026-06-08

Proof-safe research note.

The model should draft and propose work, while HELM checks whether the work may run. This paper describes the separation between stochastic suggestions and policy-based execution authority.

Model BoundariesPolicy ChecksTool Governance

What this does and does not claim.

Does
  • Frames model proposal and HELM execution governance as a research lens for governed AI execution.
  • Separates model proposal from execution authority.
  • Keeps product claims tied to current public HELM evidence surfaces.
Does not
  • Does not claim every described pattern is generally available in production.
  • Does not claim third-party certification, vendor partnership, or compliance attestation.
  • Does not make local demos, tests, or diagrams equivalent to live customer proof.

Claim, boundary, evidence implication.

Claim

Models should propose actions while HELM governs execution.

Boundary

The claim is about the public execution-boundary pattern, not every private Enterprise capability.

Evidence

Public claims should point to Kernel policy, conformance, receipt, and verifier evidence.

Diagram interlude

Execution is a separate authority surface.

HELM keeps proposal generation separate from the decision to act, so missing policy, approval, or proof can deny or escalate before dispatch.

Execution BoundaryFAIL-CLOSEDSIGNEDREPLAYABLE
A proposed AI action becomes executable only after HELM checks policy and records the verdict.
Execution BoundaryProposal enters HELM's execution boundary, receives an allow, deny, or escalate verdict, and records proof in a receipt ledger.PROPOSALEXECUTION BOUNDARYVERDICT + PROOF
SELECT TACTILE CONSOLE ACTION:

Choose a sample request to see the verdict route and receipt posture.

Text description

Proposal: an agent submits signed intent with actor, action, scope, and connector.

Execution boundary: HELM checks identity, policy, risk, approval state, and connector grant before any side effect.

Verdict and proof: HELM allows, denies, or escalates, then records a replayable receipt.

Open standalone diagram

Many agent frameworks mix intelligence and authority. The model decides what to do and then calls the tool. That creates a direct path from guesswork to side effects.

Models Propose Section

The Proposal

In this architecture, models advise and draft. They read context and suggest work. The request becomes a structured spec that can be checked. The model’s output is never executed directly. It is treated as untrusted input.

The Governance Boundary

Once a request is created, it crosses the governance boundary. The system checks it before any tool runs:

  1. Shape check: Is the request written in the expected form?
  2. Policy check: Does the action break company rules or role limits?
  3. Human review: Does this action need a person to approve it first?

Execution and Evidence

Only after the request passes the checks can a tool run. The model does not run the tool by itself. Every step can be recorded: the request, the checks, any human approval, and the final result.

This separation lets a company use AI reasoning without giving the model final authority over tools, systems, or customer-facing work.

Request architecture review Back to Research