Aegis Protocol — Developer Guide

Aegis
Verification Workflow

How Aegis intercepts, verifies, and controls autonomous AI purchases — from user request to transaction execution.

1
User Layer
User Issues Purchase Instruction

The user gives their AI agent a natural language instruction that will result in a purchase. The agent begins executing the task.

# Example user instructions that trigger purchase verification
"Book me a flight to Austin under $400 round trip"
"Order 50 units of SKU-4421 from our approved vendors"
"Find and purchase the best-rated noise canceling headphones under $300"
2
Agent Layer
Agent Researches and Proposes Transaction

The purchasing agent searches, compares options, and selects a product/service. Before executing payment, it emits a structured purchase intent object that the audit layer intercepts.

# The agent creates a PurchaseIntent before executing
purchase_intent = {
  "item": "Sony WH-1000XM5 Headphones",
  "price": 278.00,
  "currency": "USD",
  "seller": "electronics-deals-store.com",
  "original_instruction": "best noise canceling headphones under $300",
  "payment_method": "card_ending_4242",
  "terms": "non-refundable, ships in 5-7 days"
}
3
Verification Layer
Audit Agent Runs 5 Verification Modules

The purchase intent is intercepted by Aegis, which runs five independent verification checks in parallel. Each module returns a risk score (0–100) and a confidence level.

💰
Price Check
Compare against market prices across multiple sources
🎯
Intent Match
Verify purchase aligns with the original user request
🔑
Authorization
Check budgets, limits, and spending permissions
🛡️
Seller Verify
Validate merchant legitimacy and reputation
📋
Terms Review
Analyze refund policy, auto-renew, hidden fees
# Developer integration — one line to verify
from aegis import verify_purchase

result = await verify_purchase(
  intent=purchase_intent,
  policy="default"  # or custom policy config
)

# result.decision → "approve" | "flag" | "block"
# result.scores → { price: 85, intent: 92, auth: 100, seller: 34, terms: 60 }
# result.reasons → ["Seller has no verified business registration", ...]
4
Decision Layer
Policy Engine Returns Decision

Module scores are aggregated and evaluated against the user's configured policy. The decision engine returns one of three outcomes:

APPROVE
All checks pass. Transaction proceeds automatically.
⚠️
FLAG
Concerns detected. Transaction paused. User notified with specific issues for review.
🚫
BLOCK
Critical risk identified. Transaction rejected. Detailed explanation provided.
# Handle the verification decision in your agent
if result.decision == "approve":
  await execute_purchase(purchase_intent)

elif result.decision == "flag":
  await notify_user(
    message=f"Purchase flagged: {result.reasons}",
    options=["approve_anyway", "cancel", "find_alternative"]
  )

elif result.decision == "block":
  await reject_purchase(reason=result.reasons)
5
Execution Layer
Execute Transaction and Log Audit Trail

Approved transactions execute normally. Every verification — whether approved, flagged, or blocked — is logged to an immutable audit trail for compliance, analytics, and continuous improvement of verification accuracy.

# Audit log entry (automatic — no developer action needed)
{
  "timestamp": "2026-03-01T14:32:00Z",
  "purchase_intent": { ... full intent object ... },
  "verification_scores": { "price": 85, "intent": 92, "auth": 100, "seller": 34, "terms": 60 },
  "decision": "flag",
  "reasons": ["Unverified seller", "Non-refundable"],
  "user_action": "cancelled",
  "outcome": "saved $278 on suspicious merchant"
}

Framework Integrations

Drop-in integration with all major agent frameworks

LangChain

Use as a Tool in any LangChain agent chain

from aegis.integrations import
  LangChainAuditTool

tools = [LangChainAuditTool()]

CrewAI

Add as an agent tool for any purchasing crew

from aegis.integrations import
  CrewAIAuditTool

agent = Agent(tools=[CrewAIAuditTool()])

Claude MCP

Native MCP server for Claude-based agents

// claude_desktop_config.json
{
  "mcpServers": {
    "audit": {
      "command": "aegis-mcp"
    }
  }
}

REST API

Universal HTTP endpoint for any framework

POST /v1/verify
Authorization: Bearer sk_...
Content-Type: application/json

{ "intent": { ... } }