Trust Lifecycle

The Trust Lifecycle is OpenBox's governance model. It provides a structured approach to establishing, maintaining, and evolving trust in AI agents through 5 phases.

Access each phase via the tabs in Agent Detail.

┌─────────┐    ┌───────────┐    ┌─────────┐    ┌────────┐    ┌───────┐
│ ASSESS  │ →  │ AUTHORIZE │ →  │ MONITOR │ →  │ VERIFY │ →  │ ADAPT │
│         │    │           │    │         │    │        │    │       │
│ Initial │    │ Configure │    │ Runtime │    │ Goal   │    │ Trust │
│ Risk    │    │ Controls  │    │ Observe │    │ Check  │    │ Evolve│
└─────────┘    └───────────┘    └─────────┘    └────────┘    └───────┘
     ↑                                                            │
     └────────────────────────────────────────────────────────────┘
                         Continuous Improvement

Phase Overview

Phase	Tab	Purpose	Key Activities
Assess	Assess	Establish baseline risk	AIVSS configuration, risk profiling
Authorize	Authorize	Define allowed behaviors	Guardrails, policies, behavioral rules
Monitor	Monitor	Observe runtime execution	Sessions, metrics, telemetry
Verify	Verify	Validate goal alignment	Drift detection, attestation
Adapt	Adapt	Evolve trust over time	Policy suggestions, trust recovery

Trust Score

The Trust Score (0-100) aggregates across the lifecycle:

Trust Score = (AIVSS × 40%) + (Behavioral × 35%) + (Alignment × 25%)

Component	Phase	Description
AIVSS	Assess	Inherent risk based on capabilities and access
Behavioral	Authorize + Monitor	Compliance with policies and rules
Alignment	Verify	Consistency with stated goals

Trust Tiers

The Trust Score maps to Trust Tiers that determine governance strictness:

Tier	Score Range	Governance Level
Tier 1	90-100	Minimal constraints, high autonomy
Tier 2	75-89	Standard policies, normal monitoring
Tier 3	50-74	Enhanced controls, frequent checks
Tier 4	25-49	Strict governance, HITL required
Untrusted	0-24	Supervised mode, all actions require approval

Lifecycle Flow

New Agents

Assess - Configure AIVSS and risk profile
Authorize - Set up initial guardrails and policies
Agent begins operation
Monitor - Observe sessions and metrics
Verify - Check goal alignment
Adapt - Review suggestions, adjust policies

Ongoing Governance

The lifecycle is continuous. As agents operate:

Behavioral scores update based on compliance
Alignment scores update based on goal checks
Trust Tiers adjust automatically
Policy suggestions emerge from patterns

Navigating the Lifecycle

In Agent Detail, click the phase tabs:

Assess - View/edit risk configuration
Authorize - Manage guardrails, policies, behavioral rules
Monitor - View sessions, metrics, telemetry
Verify - Check alignment, view attestations
Adapt - Review suggestions, handle approvals

Next Steps

Follow the Trust Lifecycle phases in order:

Assess - Start here to understand your agent's risk profile
Authorize - Then configure what your agent is allowed to perform
Monitor - Watch your agent operate in real-time
Verify - Validate goal alignment
Adapt - Evolve trust based on behavior

Phase Overview​

Trust Score​

Trust Tiers​

Lifecycle Flow​

New Agents​

Ongoing Governance​

Navigating the Lifecycle​

Next Steps​