Capability lifecycle control

Control the full authority lifecycle: issue, delegate, attenuate, revoke, prove

SatGate turns macaroons and caveats into auditable controls: scoped authority, child spend caps, delegation depth, next-request revocation, and Evidence Pack audit records before governed access to paid APIs, models, or MCP tools. Observe who is acting, control what can happen, and prove the decision trail.

1. Issue capability

Allowed

Issue scoped authority to the parent agent

Grant authority for one defined job — not open-ended access.

Issue a macaroon-style capability with caveats for tenant, task, allowed tools, budget, expiry, and delegation depth.

Proof event

parent capability created

Visible delegation state

Parent capability: cap_parent_1042
Child capability: cap_child_77ac (depth: 1 / 1)
Tenant: acme-prod (only this customer environment)
Task: invoice-reconciliation (only this job)
Route scope: /invoices/read-only (only this API path and action set)
Parent budget: $25.00 (total spend ceiling)
Child spend cap: $5.00 (child capability cannot exhaust the parent budget)
Child spend used: $0.28 / $5.00 (remaining spend stays visible)
Delegation depth: 1 child level (limits downstream delegation chains)
Allowed child tools: repo_search, invoice_read (approved read-only tools)
Denied tools: payment_release, vendor_update (high-risk actions are blocked)
TTL: 15 minutes (expires with the task window)

Macaroons and caveats, translated into enterprise controls

Attenuation becomes bounded authority: what the agent may do, how far it may delegate, how much the child may spend, when authority expires or is revoked, and what proof remains.

Macaroon

A portable credential that carries bounded-authority caveats.

Caveat

An enforceable limit on budget, tool, route, tenant, time, delegation depth, or revocation state.

Attenuation

Making a child capability narrower than the parent. Delegation adds caveats without removing or widening parent limits; gateway policy enforces the result.

Delegation depth

How many handoffs are allowed before the chain must stop.

Revocation check

A revocation control evaluated before the next model, API, or MCP tool call.

Evidence Pack

An audit bundle showing who authorized what, which limits were evaluated, and why SatGate allowed or denied the request.
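
A minimal sketch of the attenuation and revocation check defined above, added here as an illustration and not SatGate's own code: a holder appends caveats by chaining HMACs from the parent signature, and the gateway recomputes the chain, checks revocation, then evaluates every caveat. The caveat string syntax, the child_id lineage caveat, the root key, the timestamps, and the decision strings other than deny_after_revoke are assumptions.

```python
import hashlib, hmac

def _mac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def _chain(sig: bytes, caveats) -> bytes:
    for c in caveats:          # each caveat is folded into the running signature
        sig = _mac(sig, c)
    return sig

def issue(root_key: bytes, token_id: str, caveats):
    return {"id": token_id, "caveats": list(caveats),
            "sig": _chain(_mac(root_key, token_id), caveats)}

def attenuate(token, extra):
    # No root key needed: the holder can only append caveats to the chain.
    return {"id": token["id"], "caveats": token["caveats"] + list(extra),
            "sig": _chain(token["sig"], extra)}

def _holds(caveat: str, ctx: dict) -> bool:
    key, op, val = caveat.split(" ", 2)
    if key == "child_id":      # lineage marker, used only for revocation lookup
        return True
    if op == "=":
        return str(ctx.get(key)) == val
    if op == "in":
        return ctx.get(key) in val.split(",")
    if op == "<=":
        return key in ctx and float(ctx[key]) <= float(val)
    return False               # unknown caveat: fail closed

def authorize(root_key: bytes, token, ctx: dict, revoked: set) -> str:
    expected = _chain(_mac(root_key, token["id"]), token["caveats"])
    if not hmac.compare_digest(expected, token["sig"]):
        return "deny_bad_signature"
    ids = {token["id"]} | {c[11:] for c in token["caveats"] if c.startswith("child_id = ")}
    if ids & revoked:          # evaluated on every request, before any caveat
        return "deny_after_revoke"
    failed = [c for c in token["caveats"] if not _holds(c, ctx)]
    return "allow" if not failed else "deny_caveat: " + failed[0]

# Constructed sample data; identifiers and limits mirror the page's example state.
ROOT_KEY = b"constructed-demo-root-key"
T0 = 1_700_000_000
parent = issue(ROOT_KEY, "cap_parent_1042", [
    "tenant = acme-prod", "task = invoice-reconciliation",
    "route = /invoices/read-only", "spend_usd <= 25.00", f"now <= {T0 + 900}"])
child = attenuate(parent, ["child_id = cap_child_77ac", "spend_usd <= 5.00",
                           "tool in repo_search,invoice_read"])
```

Dropping or editing a caveat on the child changes the recomputed chain, so the gateway rejects the token before it evaluates any limit; the parent's caveats stay in force alongside the child's narrower ones.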

Evidence Pack preview

Proof after revocation

A complete lifecycle record does not stop at “token issued.” It captures the child capability’s narrower caveats, visible depth limit, next-request revocation result, and receipt context.

Scoped authority

route, tool, budget, tenant, task

Delegation lineage

parent → child with depth visible

Next-request revocation

blocked before the next request

Audit proof

receipt and Evidence Pack IDs

| Field | Value | Decision proof |
| --- | --- | --- |
| receipt_id | rcpt_cap_8f41 | The receipt for this decision. |
| parent_token_id | cap_parent_1042 | Shows who delegated the authority. |
| child_token_id | cap_child_77ac | Shows which worker tried to act. |
| delegation_depth | 1 / 1 | Shows this governed child is at the configured delegation limit. |
| decision | deny_after_revoke | Shows the gateway blocked before execution. |
| remaining_budget_usd | 4.72 | Shows spend left when revoked. |
| policy_version | capability-lifecycle-v3 | Shows the exact rule set used. |
| evidence_pack_id | evp_agent_authority_20260510 | Bundles the proof for audit. |

This is the capability lifecycle enterprises can govern.

Issue the capability, delegate a narrower child, express the caveats in plain language, revoke before the next governed request, and export the proof. That is how macaroon-style caveats become enterprise-ready agent authority controls.