The Blast Radius Model: Scoping Authority

2026-05-07
Section 2 · Trust Architecture

The first design decision

Match autonomy to recoverability.

Every agent action belongs in one of four zones, defined not by what the action does but by what it would take to undo it. The zone determines the policy, full stop.

Zone 0

Reversible & Internal

Examples

  • Read a knowledge base
  • Generate a draft document
  • Query a data warehouse
  • Write to scratch storage

Default policy

Full autonomy. No approval gates. Log and move on.

Zone 1

Reversible & External

Examples

  • Send a draft email to internal recipients
  • Open a Jira ticket
  • Post to an internal channel
  • Schedule a calendar invite

Default policy

Autonomous within rate & volume budgets. Easy rollback path required.

Zone 2

Hard to Reverse

Examples

  • Send to external customer
  • Modify CRM or ticketing system of record
  • Trigger a deployment
  • Issue a refund under threshold

Default policy

Pre-flight validation required. Human-on-the-loop. Two-person rule for high-value actions.

Zone 3

Effectively Irreversible

Examples

  • Wire transfers / payments above threshold
  • Contractual commitments
  • Public statements at scale
  • Production data deletion

Default policy

Human-in-the-loop required. Agent proposes; human commits. Always. No exceptions.

Architect's discipline: map every tool an agent can call into a zone, before you ship. The zone — not the agent's confidence score, not the model's capability — sets the gate. Confidence scores can be wrong; zones are a property of the system, not the model.
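
One way to put that discipline into code, as an added example that is not part of the original page: a tool-to-zone registry with a ship-time check for unmapped tools and a gate that decides from the zone alone. The tool names, the budget and threshold values, the decision strings, and the choice to deny unmapped tools at runtime are all assumptions made for illustration.

```python
from enum import IntEnum

class Zone(IntEnum):
    REVERSIBLE_INTERNAL = 0
    REVERSIBLE_EXTERNAL = 1
    HARD_TO_REVERSE = 2
    IRREVERSIBLE = 3

# Constructed registry: hypothetical tool names mapped to the four zones.
TOOL_ZONES = {
    "kb.read": Zone.REVERSIBLE_INTERNAL,
    "jira.open_ticket": Zone.REVERSIBLE_EXTERNAL,
    "refund.issue": Zone.HARD_TO_REVERSE,
    "payments.wire": Zone.IRREVERSIBLE,
}

ZONE1_BUDGET = 20    # assumed: max Zone 1 calls per agent run
HIGH_VALUE = 500.0   # assumed: Zone 2 amount that triggers the two-person rule

def unmapped_tools(agent_tools):
    """Ship-time check: list every tool the agent can call that has no zone."""
    return sorted(t for t in agent_tools if t not in TOOL_ZONES)

def gate(tool, *, confidence, zone1_calls=0, amount=0.0,
         validated=False, approvals=0):
    """Decide one tool call. `confidence` is accepted and deliberately
    never read: the zone, not the model's score, sets the gate."""
    zone = TOOL_ZONES.get(tool)
    if zone is None:
        return "deny: tool has no zone"          # assumption: fail closed
    if zone == Zone.REVERSIBLE_INTERNAL:
        return "allow: log"
    if zone == Zone.REVERSIBLE_EXTERNAL:
        if zone1_calls >= ZONE1_BUDGET:
            return "deny: budget exhausted"
        return "allow: log"
    if zone == Zone.HARD_TO_REVERSE:
        if not validated:
            return "deny: pre-flight validation failed"
        if amount >= HIGH_VALUE and approvals < 2:
            return "hold: two-person approval"
        return "allow: notify human on the loop"
    # Zone 3: the agent only ever proposes; a human performs the commit.
    return "propose: human commits"

if __name__ == "__main__":
    print(unmapped_tools(["kb.read", "crm.update"]))
    print(gate("payments.wire", confidence=0.99))
```

Running `unmapped_tools` over the agent's full tool list in CI and failing the build on a non-empty result enforces the "before you ship" part.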