Risk Control

Script Risk Levels

Risk StandardExecFabric currently fixes script / Skill risk levels to low / medium / high. These levels decide how conservative the platform should be during onboarding, confirmation, authorization, and execution.

This is not marketing wording. It is a concrete governance rule for scripts, file handling, local execution, and operations work.

A risk level does not answer whether a capability is useful. It answers how large the impact area is once it runs, how reversible it is, and whether manual confirmation should remain stricter.

lowmediumhighmanual confirmationauthorization boundary

View CLI metadata rules Discuss onboarding boundaries

EXECFABRIC // RISK LEVELSDOC 08

const low = 'read_only / reorganize / copy_out'const medium = 'real_data / local_run / external_access'const high = 'deploy / rollback / overwrite / delete'

DECLARED / GOVERNED / TRACEABLE

Current Rule

How the current risk level is derived

Registered directories, official script packages, and tenant initialization capabilities first read explicit risk_level metadata.
The CLI scanner reads @risk / risk_level from script comments, docstrings, or sidecar metadata.
The web upload registration path currently reads the same markers from the script header or docstring.
If no explicit level is declared, the current default is medium, not low.

Three Levels

The three-level standard

Level	Typical actions	Examples	Governance guidance
`low`	Read-only, analysis, reorganization, or copy generation without directly changing production state	Directory cleanup, batch image renaming, log error extraction, text deduplication, CSV profiling	Manual confirmation can still stay on by default. Relax only after the input boundary is clearly defined.
`medium`	Touches real data, the local environment, external systems, or batch outputs, but usually does not directly change production state	Pre-release checks, local Agent execution, crawlers, internal data aggregation	Keep manual confirmation by default and limit role visibility, timeout, and invocation scope.
`high`	Deployment, rollback, deletion, overwrite, remote commands, or production-environment changes with higher impact	Remote Compose deployment, remote Compose rollback, irreversible batch writes	Do not open as default AI auto-run. Keep manual confirmation and stricter authorization boundaries.

Why Many Look Low

Why many public examples currently look lower risk

The first public samples focus on file reorganization, text cleanup, log extraction, and demo capabilities, so they naturally sit closer to low.
Medium- and high-risk actions are still concentrated in the public official operations package and are not dropped into tenant-facing experience pages by default.
The early web-upload path used a lower default too often. This has already been unified to medium.

What To Do

What to do when onboarding a new script

Write @risk low|medium|high explicitly in the script header instead of leaving the decision to oral agreement.
If you are unsure, treat it as the higher level first instead of labeling it low.
Anything involving deployment, rollback, deletion, overwrite, or remote commands should not be treated like a normal utility script.

One Sentence

One-sentence summary

ExecFabric's script risk levels are not a scoring showpiece. They exist so the impact boundary is declared and governed before onboarding, manual confirmation, authorization, and audit.