A planner emits per-prompt task envelopes carrying a declarative capability budget (allow/deny paths, max files/lines) that is enforced at dispatch and re-verified at PR time by the same contract, with a non-blocking reserved-file token broker serialising high-blast-radius edits among heterogeneous AI agents.
This repository is a Technical Defensive Publication. It is published to establish a dated, public, citable record of prior art.
| Field | Value |
|---|---|
| Publisher / Copyright holder | Gus IT LLC (Florida, USA) |
| Author | Gustavo Assuncao, PhD |
| Publication date | 2026-06-25 |
| Version | 1.0 |
| Document type | Technical Defensive Publication (public prior art) |
| Classification | Public |
| License | AGPL-3.0-or-later (copyleft; commercial license available) |
| Deposit channel | To be assigned (IP.com / Zenodo / arXiv) — establishes a public, dated, citable prior-art record. |
When three or four heterogeneous AI code-generation agents (for example, distinct hosted coding agents and an internal agent) write to one shared repository at the same time, two problems dominate. First, an agent given an open-ended natural-language prompt can exceed the intended scope of its change — touching files far outside the requester's mental model. Second, agents collide on a small set of high-blast-radius files (the dependency manifest and lockfile, database migrations, the container build file, the deployment manifests, the server entrypoint), where two concurrent edits reliably produce a merge conflict or, worse, a silently broken build.
This publication describes a method that bounds both problems. A planner classifies each natural-language request into a kind and a risk label and emits one or more task envelopes. Each envelope carries a declarative capability budget — allow_paths, deny_paths, max_files_changed, max_lines_changed, and a may_add_dependencies flag — together with an agent-role assignment, a set of required reserved-file tokens, and dependency edges. The same envelope is both the runtime scope handed to the agent and the exact contract re-checked at pull-request time by a continuous-integration envelope-gate, so the dispatch-time promise is identical to the merge-time enforcement.
High-blast-radius files are guarded by a non-blocking reserved-file token broker: a TTL-bounded lease keyed on an enumerated reserved path, acquired by an atomic conditional insert (INSERT … ON CONFLICT DO NOTHING) and reaped on expiry. A prompt that touches both database migrations and application code is automatically split into a token-gated schema envelope and a code envelope whose dispatch blocks until the schema envelope merges — encoding the expand/contract ordering as a dependency edge.
This technique is published defensively. The objective is to keep the method freely practiceable by everyone and to prevent any third party from later obtaining an exclusionary patent over it. By disclosing the full mechanism — architecture, data model, algorithms, and a working illustrative reference implementation — as of a fixed public date, this repository becomes citable prior art under the novelty and obviousness standards used by patent offices worldwide. We make no offensive patent claim here; the AGPL-3.0-or-later license carries an express patent grant for the contributed material.
The author's own pre-publication screen rated this invention's standalone patentability as weak (a combination of individually familiar elements). That is precisely the case in which a defensive publication is the correct instrument: low value in owning it, real value in nobody else owning it.
| Document | What it contains |
|---|---|
| DEFENSIVE-PUBLICATION.md | The full technical whitepaper: architecture, mechanics, data model, claims, prior-art delta, evaluation methodology. |
| docs/PRIOR-ART.md | Prior-art landscape, delta table, and honesty attestation. |
| docs/FIGURES.md | All Mermaid figures with captions (Figure 1..N). |
| docs/OPEN-SOURCE-APP.md | The planned open-source reference app and a generic Kubernetes deployment sketch. |
| src/ | Clean-room illustrative reference implementation (Node.js) + src/README.md. |
| LICENSE · NOTICE · CITATION.cff | Licensing, attribution, citation metadata. |
This publication is the first artifact of an intended open-source reference application — a task-envelope dispatcher that any team running multiple coding agents can adopt. Its design, minimal architecture, mapping to the invention, and a generic AKS/Kubernetes deployment sketch are described in docs/OPEN-SOURCE-APP.md.
src/ contains a dependency-light, clean-room Node.js demonstration of the novel mechanism: an in-memory token broker, an envelope planner with the automatic schema/code split, and a PR-time envelope-gate that re-checks a diff against the very budget that scoped the work. Run the self-check:
cd src
node selfcheck.jsIt exercises token acquire/conflict/TTL-reap, the schema/code split with a dependency edge, and an envelope-gate pass/fail on a synthetic diff. The code is illustrative and is not the production system of any operator.
Licensed under AGPL-3.0-or-later — see LICENSE. Please cite using CITATION.cff:
Assuncao, Gustavo (2026). Capability-Scoped Task Envelopes with Reserved-File Token Broker for Concurrent AI Coding Agents. Technical Defensive Publication, v1.0, Gus IT LLC. Published 2026-06-25.