REASON

acf.classify-agent

Pre-go-live qualification of an AI agent — ten qualified-enum input fields, one structured output: autonomy level, criticality, AI Act role, applicable obligations, DDAO controls, required sign-offs.

!Warning

This tool produces a preliminary qualification, not legal advice. requires_human_review is always true in the output. All enum fields are strict — the call is rejected, not guessed.

When to use

Use this tool when an AI system is heading toward go-live and you need a structured first verdict on five questions at once: what autonomy level it operates at, what criticality it carries, what regulatory role it plays (AI Act + GDPR), what controls to put in place, and who must sign off on production. The tool aggregates the five verdicts into one call.

It is not a production-time tool: it is a scoping tool. The output is designed to land in an ACF-07 (First Agent Dossier) card that the DDAO will review and complete.

Input parameters

Ten core fields, all required unless noted. Enums are strict — the tool rejects the input rather than guessing.

namestring (2-200)required

Short agent name. Appears in the rationale and audit trail.

descriptionstring (20-1000)required

Free-text description of what the agent does, where it acts, on what assets. The more precise, the stronger the inference.

decisions_takenstring[] (1-20)required

List of operational decisions the agent makes (“assign a score”, “send an email”, “write to Salesforce”…).

human_approval_required"always" | "sometimes" | "never"required

How often does a human approve decisions? Directly influences the inferred autonomy level.

personal_data_level"none" | "standard" | "sensitive_special"required

Level of personal data handled. sensitive_special covers health, biometrics, political opinion, etc.

financial_exposure"none" | "low_operation" | "medium_contract" | "high_corporate"required

Financial exposure per decision. medium_contract = contractual commitment; high_corporate = trading, massive transfer.

external_actions"none" | "read_only" | "limited_write" | "full_write"required

Write capability against external systems (CRM, ERP, banks, third-party APIs).

gpai_usedbooleanrequired

Does the system use a GPAI (general-purpose LLM such as GPT, Claude, Gemini, Mistral) under the hood? Triggers AI Act Art. 51-55 obligations.

usage_audience"internal" | "third_party_b2b" | "public_consumer"required

Who sees the output? public_consumer raises the GDPR and transparency obligations bar.

sectorstring (≤80)

Free-text sector (“banking”, “healthtech”, “public sector”…). Helps weight the criticality.

jurisdiction("eu" | "uk" | "us" | "ca" | "ch" | "br" | "jp" | "other")[]

Jurisdictions where the agent operates. Activates the EU AI Act + other frameworks.

ai_act_triggersAiActTriggerEnum[]

Explicit Annex III triggers (biometrics, critical infrastructure, recruitment, credit scoring…) or “none”.

processing_purposesProcessingPurposeEnum[]

GDPR processing purpose (HR, marketing, financial, support, healthcare, public, compliance…).

locale"en" | "fr"default: "en"

Language of the textual output.

Output schema

The output is an eighteen-field structured object + signed footer.

acf_level{ level: "N0"|"N1"|"N2"|"N3", rationale: string }

Recommended ACF® autonomy level and its rationale.

criticality{ score: "low"|"medium"|"high"|"critical", rationale, matrix_ref }

Criticality score from the ACF-02 matrix, with a reference to the matrix cell.

regulatory_qualifications{ likely_ai_act_role, likely_gdpr_status }

Likely AI Act role (provider, deployer, importer, distributor…) and likely GDPR status (controller, processor, joint controller).

ai_act_obligations{ pre_go_live[], continuous[], on_incident[] }

AI Act obligations split by lifecycle phase, with article + requirement + applicable date.

applicable_fiches{ code: string, why: string }[]

ACF® methodological cards to mobilise (ACF-00 to ACF-16), with the reason for each retained card.

recommended_controlsstring[]

Plain-English controls for the business team.

ddao_controlsstring[]

Same controls in canonical ACF® vocabulary (C-AUTONOMY-XX, C-LOG-XX, etc.), for the DDAO.

ddao_escalation{ required: boolean, trigger_thresholds: string[] }

Is DDAO escalation required? If so, on which thresholds?

sign_off_required{ security, privacy, compliance, legal, business_sponsor, board: boolean }

Who must sign off on go-live? Six internal roles.

confidence"low" | "medium" | "high"

Global confidence level of the qualification.

assumptionsstring[]

Explicit assumptions the qualification rests on.

gaps_to_validatestring[]

Identified gaps that the human review must close.

requires_human_reviewtrue

Constant. No call returns false.

Example call

A SaaS agent qualifying inbound B2B leads:

classify-agent.tstypescript

import { Client } from "@modelcontextprotocol/sdk/client/index.js";
import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js";

const transport = new StdioClientTransport({
  command: "npx",
  args: ["-y", "acf-mcp"],
});
const client = new Client({ name: "demo", version: "1.0" }, {});
await client.connect(transport);

const result = await client.callTool({
  name: "acf.classify-agent",
  arguments: {
    name: "B2B lead-qualification agent",
    description:
      "Receives raw inbound leads from the website form, enriches them with public LinkedIn data, scores them on fit, and writes a category to Salesforce.",
    decisions_taken: [
      "assign a fit score 0-100",
      "tag as MQL or disqualified",
      "write the result to the Salesforce lead record",
    ],
    human_approval_required: "sometimes",
    personal_data_level: "standard",
    financial_exposure: "low_operation",
    external_actions: "limited_write",
    gpai_used: true,
    usage_audience: "internal",
    sector: "saas",
    jurisdiction: ["eu", "uk"],
    ai_act_triggers: ["none"],
    processing_purposes: ["marketing"],
    locale: "en",
  },
});

console.log(JSON.stringify(result.content, null, 2));

Response

response.jsonjson

{
  "acf_level": {
    "level": "N1",
    "rationale": "Decision is automated but a human sign-off remains in the loop for MQL routing. Tagged as N1 (assisted) — graduate to N2 only after a 30-day drift review."
  },
  "criticality": {
    "score": "medium",
    "rationale": "Limited financial exposure + standard personal data + internal audience. The risk is reputational and pipeline-quality, not life-safety or financial.",
    "matrix_ref": "ACF-02 §3.2"
  },
  "regulatory_qualifications": {
    "likely_ai_act_role": "deployer",
    "likely_gdpr_status": "controller"
  },
  "regulatory_qualifications_confidence": {
    "likely_ai_act_role": "high",
    "likely_gdpr_status": "high"
  },
  "ai_act_obligations": {
    "pre_go_live": [
      { "article": "Art. 50", "requirement": "Inform leads that an AI is involved in the scoring", "applicable_date": "2026-08-02" }
    ],
    "continuous": [
      { "article": "Art. 13", "requirement": "Maintain end-user transparency about the scoring logic", "applicable_date": "—" }
    ],
    "on_incident": []
  },
  "applicable_fiches": [
    { "code": "ACF-04", "why": "Defines the agent identity card — required for any production agent" },
    { "code": "ACF-12", "why": "Mandate of the agent under a named DDAO" },
    { "code": "ACF-06", "why": "Kill switch testing every quarter" },
    { "code": "ACF-08", "why": "Signed decision register — six-month retention by deployer" }
  ],
  "recommended_controls": [
    "Disclose AI involvement in the contact form",
    "Log every score assignment with input and rationale",
    "Quarterly drift review of MQL precision/recall"
  ],
  "ddao_controls": [
    "C-AUTONOMY-01 — N1 gating: every MQL → human review before SDR outreach",
    "C-LOG-03 — Signed decision register branched to ACF-08",
    "C-DRIFT-02 — Monthly drift dashboard for fit-score distribution"
  ],
  "ddao_escalation": {
    "required": true,
    "trigger_thresholds": [
      "fit-score distribution shifts by > 2σ vs baseline",
      "MQL → SQL conversion drops by > 30% week over week",
      "any complaint from a tagged lead"
    ]
  },
  "sign_off_required": {
    "security": false,
    "privacy": true,
    "compliance": true,
    "legal": false,
    "business_sponsor": true,
    "board": false
  },
  "confidence": "high",
  "assumptions": [
    "Lead enrichment uses only public LinkedIn data via official API",
    "No special-category personal data is processed"
  ],
  "gaps_to_validate": [
    "Confirm Salesforce write scope — the agent should NOT update opportunity stages",
    "Confirm retention period of the signed register (six months minimum per Art. 26(6))"
  ],
  "requires_human_review": true,
  "doctrine_version": "ACF framework v1.0 / rules 2026-06",
  "doctrine_hash": "sha256:bf0b6d8e4731ebdc58f6d6338702c5b74af47874cf0ad3dc958cde5c5b30b9dc",
  "doctrine_signature": "ed25519:…",
  "doctrine_archive_url": "https://acfstandard.io/doctrine/v1.0/archive.json",
  "regulatory_snapshot": "EU AI Act 2024/1689 · GDPR 2016/679 · ISO 42001:2023 · NIST AI RMF 1.0 · COBIT 2019 — frozen 2026-06",
  "generated_at": "2026-06-14T11:47:22.318Z",
  "conversion_cta": "Generate the full auditable PDF report on https://acfstandard.com/compliance?ref=mcp",
  "disclaimer": "Preliminary qualification only — not legal advice. Human review required."
}

Common errors

InvalidEnumValue — an enum field receives an out-of-list value (e.g. financial_exposure: "medium"). Fix to one of the canonical values.
InputTooShort — description < 20 chars or decisions_taken empty. The tool does not guess — fix the input.
DoctrineSnapshotMismatch — the requested doctrine_hash is not loaded. Update acf-mcp or point at the archived version.

acf.assess-autonomy — drill into the autonomy-level decision in isolation.
acf.map-ai-act-obligations — get the exhaustive AI Act obligation set once the qualification is stable.
acf.assign-ddao-controls — assign the concrete controls the DDAO must enforce.