Runtime / Enforcement & Integration

GTAF Runtime

Deterministic runtime enforcement core

GTAF Runtime is where TNT's governance model becomes enforceable system behavior. It is the execution gate between a proposed action and a real external effect.

The important thing is the deterministic contract: binary outcomes, explicit reason codes, and a runtime path that fails closed when delegation is invalid. The current public implementation demonstrates that contract, but does not define its architectural scope.

Public runtime core · reference implementation available

The enforcement core that turns evaluated governance outputs into executable allow/deny decisions. The public implementation demonstrates the contract, but the runtime model is broader than one language.

Open repository Current public package Back to publications

What TNT built

GTAF Runtime is TNT Intelligence's enforcement core for delegated action.

It is the layer where governance stops being descriptive and becomes executable: a proposed action enters the runtime together with evaluated governance outputs and context, and the runtime returns a deterministic decision.

Capability is not permission. Proposal is not authority. The runtime is the gate between the two.

Deny by default

If delegation is invalid, inconsistent, unsupported, or out of scope, execution fails closed.

Deterministic contract

The public runtime exposes binary outcomes, explicit reason codes, and frozen semantics for its current projection contract.

Language is not the point

The current public implementation demonstrates the contract, but the important thing is the enforcement model and contract surface, not a language-specific positioning.

Execution path

The runtime sits on the narrowest and most important line in the system:

The runtime is the enforcement gate between a proposed action and a real external effect. It turns an evaluated governance state into an executable or denied outcome.

This is what gives the runtime strategic weight: it creates a controlled point where external effects can be accepted or refused based on explicit delegation state instead of agent enthusiasm.

Current public example

The current public runtime contract is easiest to picture as an action request with explicit context:

JSON

{
  "scope": "ops.prod",
  "component": "release.agent",
  "interface": "ops-api",

  "action": {
      "name": "git.commit",
      "intent": "release-update"
  },

  "extras": {
      "repository": "payments-service",
      "branch": "release/2026-04"
  }
}

A minimal request shape: the runtime does not only receive an action, but the scoped context in which that action is being requested.

The current public implementation exposes a minimal enforcement API:

Python

from gtaf_runtime import enforce

result = enforce(
  drc=drc,
  context=context,
  artifacts=artifacts,
)

if result.outcome == "DENY":
  raise PermissionError(
      result.reason_code
  )

reason_code = result.reason_code

A minimal runtime call: the important point is the explicit allow-or-deny result with a reason path, not the concrete implementation language.

The point of this example is not the stack itself. The point is that a real system can be wired so that execution permission is evaluated explicitly instead of being inferred from tool access alone.

Why this changes the architecture

Many agent systems still blur together planning, tool access, and authority. GTAF Runtime breaks that collapse.

the planner may propose an action, but it does not authorize it
the system may see a tool, but that does not imply it may use it
a denial is not a soft warning; it is the runtime outcome that prevents the effect
explicit reason codes improve reviewability, debugging, and audit readiness

How TNT can help

GTAF Runtime is relevant wherever teams want AI systems to do real work without bypassing governance. Typical collaboration paths include:

designing the enforcement boundary between AI proposals and external actions
mapping internal policies, approval logic, and accountability into runtime-ready artifacts
reviewing whether an existing agent system currently grants too much implicit authority
shaping language-agnostic runtime contracts for environments that need more than observability after the fact

Where this lands first

Repository and delivery automation

Release assistants, code automation, and CI/CD-adjacent systems that should not quietly inherit full write authority just because they can call Git or APIs.

Operational business actions

Systems that may approve, modify, trigger, send, or escalate in environments where denied execution must be a real runtime outcome rather than a warning on a dashboard.

Continue in publications

Governance & Trust Architecture Framework

GTAF Reference

A governance framework for AI systems that may act, delegate, or produce consequential effects. GTAF turns scope, authority, responsibility, and validity into structured operational artifacts.

Read the framework

Integration layer around the runtime core

GTAF SDK

The adoption layer that helps real systems load artifacts, shape execution context, and call the runtime cleanly. The public implementation is one concrete path, but the integration model is not language-specific.

Understand integration

Infrastructure for Trusted Autonomy

ITA

A runtime architecture for systems that must act with real effect while staying governable. ITA extends GTAF into execution spaces, capability exposure, enforcement, and audit.

See the architecture

Talk to TNT when AI should do real work

From GTAF through Runtime and SDK to ITA, TNT already brings public reference work, runtime building blocks, and applied architecture into these questions. The conversation does not have to start at theory.

When these questions move from interest to implementation, TNT is a serious conversation partner.

Discuss your context