NIG Agent Charter
← Active agents

teams/procurement-eu

Supplier Risk Agent

Help procurement managers assess supplier onboarding risk before creating supplier records.

Charter version
b4ce65ae654
Review Status
Unapproved Changes
Alignment
Not aligned
Exposure
External action
Valid charterNot aligned2 open findings2 high riskprocurement_managers

Review packet

Findings stay advisory and disputable. Fixes are detected by rerunning review.

Not aligned
highopen

Direct supplier email send path bypasses approval

The Agent Charter requires approval for supplier_email actions, but the implementation exposes a direct send path for supplier follow-up email.

Charter approval requirement

supplier-risk-agent/agent.yml:38-42

send_supplier_email requires_approval: true and reversible: false.

Implementation action path

supplier-risk-agent/src/index.ts:54-57

sendSupplierEmailPilotFastPath delivers supplier email without approval.

Developer next step

Add an approval handoff before email send, or remove the direct send path and keep email draft-only.

Reviewer prompt

Decide whether this action must be approval-gated before pilot or the charter needs a reviewed scope change.

highsent to reviewer

External irreversible action needs explicit reviewer attention

Supplier email is external and irreversible. The Review System should keep it visible until a Reviewer records a decision.

External Resource

supplier-risk-agent/agent.yml:22-27

supplier_email is external and grants write_access to procurement_managers.

Developer next step

Send reviewer context after narrowing the email capability to approved supplier contacts.

Reviewer prompt

Confirm that approval mode and pilot exposure are acceptable for an external irreversible Action.

Resources

supplier_database

Internal

Supplier master data and onboarding records.

Read
procurement_managers
Write
procurement_managers

supplier_email

External

Email channel to supplier contacts.

Read
None
Write
procurement_managers

Tools and actions

supplier_admin

Review and update supplier onboarding records.

Reads: supplier_database

create_supplier_record

Create a supplier record after onboarding approval.

Approval requiredReversible

Resource: supplier_database

send_supplier_email

Send an email requesting missing onboarding information.

Approval requiredIrreversible

Resource: supplier_email