Did the Turn provide an explanation, generate a validated draft, request a registered action or complete a canonical side effect—and what exact record supports that conclusion?
Operational guide · Controlled Intelligence
Use Intelligence without confusing an answer with an action.
Use this workflow when natural-language assistance must remain bound to the current actor, tenant, Project, exact object, registered tools and canonical execution evidence.
Intelligence combines owner-private state with server-rebuilt context and a bounded model/tool/model engine.
Ask one concrete question and verify each transition before authorising the next one.
A safe failure preserves the session and goal without manufacturing a result or widening scope.
The session and Turn can retain profile, prompt/context version, usage, selected skill, provider call identity, tool and argument hash, validation result, confirmation or approval state, attempt metadata and final Action/canonical reference according to the configured contract.
Intelligence does not scrape arbitrary screens, browse the web, run a general autonomous workflow graph or inherit permissions the actor lacks. ANPy code is validated but not executed by AI; Drive/Sandbox remain response-only without a registered adapter; Pipeline execution, retry/cancel and Data Quality rule execution are not current AI actions.
Decision question
Did the Turn provide an explanation, generate a validated draft, request a registered action or complete a canonical side effect—and what exact record supports that conclusion?
Objects and controls used
Intelligence combines owner-private state with server-rebuilt context and a bounded model/tool/model engine.
Session, goal, message and Turn lifecycle in global, project or exact-object scope
Actor, tenant, active Project, permission, RLS and selected-object context rebuilt server-side
Versioned skill and server-owned Luna, Terra or Sol policy profile
Registered tool, argument hash, confirmation/approval binding, Action and canonical result reference
Controlled-use flow
Ask one concrete question and verify each transition before authorising the next one.
-
State the goal in the active context
Name the selected Source, Dataset, report, run or Assurance object when relevant; do not assume the model can infer hidden browser state.
-
Check the grounded object
Confirm the response uses the current authorised Source/schema or exact object and clearly separates facts, assumptions and missing context.
-
Review generated SQL or code as a draft
Safe SQL or ANPy AST validation rejects unsupported structure, but validation alone does not execute SQL, save an asset or run Python.
-
Inspect the proposed tool and target
Verify the registered capability, arguments, object/version identity and expected output before confirmation.
-
Complete confirmation or approval
Preview and write actions follow their exact binding; configured high-risk actions require independent approval and a renewed requester confirmation.
-
Follow durable progress
Use SSE replay or polling of database-authoritative Turn events; a queued message or streamed answer is not side-effect evidence.
-
Verify the canonical outcome
Open the completed Action/tool result and referenced SQL, Dataset, Analytics, Assurance or Service Desk object created by the responsible module.
Failure and partial paths
A safe failure preserves the session and goal without manufacturing a result or widening scope.
Context is insufficient or mismatched
Ask for the missing authorised object or select the correct Source; do not accept SQL for an unselected or different database.
Model output fails the final contract
No action is applied. The Turn may finish partially with a safe explanation and correlation reference.
Tool dependency is unavailable
Remove only that capability from the model's allowed tools; unrelated response-only help can remain available.
Worker or stream disconnects
Resume from durable events or polling. Cancellation and late-worker handling preserve the fenced Turn state.
Evidence produced
The session and Turn can retain profile, prompt/context version, usage, selected skill, provider call identity, tool and argument hash, validation result, confirmation or approval state, attempt metadata and final Action/canonical reference according to the configured contract.
Current boundary
Intelligence does not scrape arbitrary screens, browse the web, run a general autonomous workflow graph or inherit permissions the actor lacks. ANPy code is validated but not executed by AI; Drive/Sandbox remain response-only without a registered adapter; Pipeline execution, retry/cancel and Data Quality rule execution are not current AI actions.
Next step
Review the responsible-AI control chain.
Understand how context, validation, confirmation, approval and canonical evidence constrain model behaviour.
Explore Advanexus Intelligence