Hi JB,

Thank you, I really appreciate the reply. I actually found it by chance in the public archive while searching, so apologies for the delayed response. I’m subscribing to [email protected] so I don’t miss follow-ups on-list (I hope :) ).

A short summary of PIC as it exists today:

PIC is not an agent framework. It is a local-first verification / control layer that sits between an AI agent and a sensitive tool action. Before a high-impact tool call is allowed to execute, the agent has to emit a structured proposal describing:

* what it wants to do
* why
* what the impact level is
* what provenance and evidence support the action
* which exact tool/action is being requested

PIC then verifies that proposal against policy and tool binding rules and fails closed if requirements are not met.

So the core purpose is not better prompting, but safer action execution: an agent may propose an action, but it should not be able to execute a high-impact one just because the model said so.

A few properties that may help clarify the intent:

* local-first / no required cloud dependency
* framework-agnostic by design
* explicit evidence verification support
* fail-closed behavior at the action boundary
* integrations/adapters around environments such as LangGraph, MCP, OpenClaw, and Cordum

One design direction I care about a lot is reducing reliance on self-asserted trust from the model side. Recent work in the project has moved more toward sanitizing inbound trust and treating trust as something that should be verifier-derived / evidence-backed rather than simply declared by an agent.

On community: today it is still early and mostly maintainer-led. The current public state is a spec, reference implementation, tests, docs, and integrations, but I fully agree that the real Apache question is whether a broader open community can form around the problem area.

The community I would hope to grow is not just users of one library, but people interested in:

* secure tool execution for agents
* policy / verification layers for high-impact actions
* interoperable open infrastructure for trustworthy agent behavior
* independent implementations and conformance work over time

So I’m not assuming PIC is incubation-ready today. I’m mainly trying to understand whether the problem space and project shape feel directionally compatible with Apache, and what would need to be true for it to become a credible candidate.

Happy to discuss further, and happy also to send a short follow-up describing what PIC is not, how I see it relative to existing Apache efforts, and what I think would make it more incubation-ready.

Thanks again for taking a look. I'm really looking forward to hearing from you.

Best,
Fabio

On 2026/03/28 05:27:47 Jean-Baptiste Onofré wrote:
> Hi Fabio
>
> I'm not sure I understand the project yet (I have to read the md on the
> repo).
>
> There's no problem to have a "not ready yet" project in incubation. The
> focus is both to move forward on the project and grow the community.
> There's also no problem to have an existing project pretty close to what
> you are proposing, as long as projects have their own community.
>
> Let me take a look and I would be happy to chat with you to better
> understand the purposes of PiC and evaluate what is the community
> today/future.
>
> Regards
> JB
>
>
> On Fri, Mar 27, 2026 at 8:43 PM Fabio Salvadori wrote:
>
> > Hello Apache Incubator community,
> > I’m reaching out to get early feedback on whether PIC Standard might be a
> > plausible future candidate for incubation.
> > PIC Standard is an Apache-2.0 licensed open-source protocol for requiring
> > verifiable provenance, intent, and evidence before AI agents perform
> > high-impact tool actions. The aim is to provide a vendor-neutral,
> > framework-agnostic safety layer that makes sensitive agent behavior more
> > auditable and harder to subvert.
> > The project currently includes a specification, reference tooling, tests,
> > and early integrations, and is being developed in the open here:
> >
> > https://github.com/madeinplutofabio/pic-standard
> > I understand Apache’s incubation process is centered on community health
> > and open governance rather than code alone. With that in mind, I’m not
> > claiming the project is necessarily ready today. I’m writing to ask:
> > * Does this sound directionally like something that could fit Apache
> > incubation?
> > * Does it appear complementary to existing Apache efforts, or too close to
> > something already present?
> > * Would any IPMC members be open to offering early guidance on what would
> > make a project like this more incubation-ready?
> > I’d appreciate any candid feedback.
> > Best regards,
> > Fabio Marcello Salvadori
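
The fail-closed check at the action boundary that the reply at the top of this thread describes, as an added example that is not part of the thread and is not PIC's own code, schema or API. The field names, the policy table and the SHA-256 evidence check are assumptions made for illustration; the sample data is constructed.

```python
import hashlib

# Hypothetical verifier-side policy (an assumption, not PIC's schema).
POLICY = {
    "payments.transfer": {"impact": "high", "min_evidence": 1},
    "notes.append": {"impact": "low", "min_evidence": 0},
}
REQUIRED = ("intent", "reason", "impact", "provenance", "evidence", "tool")

def verified_evidence(proposal, artifacts):
    """Return ids of evidence items whose SHA-256 matches the local artifact bytes."""
    ok = []
    for item in proposal["evidence"]:
        data = artifacts.get(item["id"])
        if data is not None and hashlib.sha256(data).hexdigest() == item["sha256"]:
            ok.append(item["id"])
    return ok

def gate(proposal, requested_tool, artifacts):
    """Return (allowed, reason). Any missing field, mismatch or error denies."""
    try:
        missing = [f for f in REQUIRED if f not in proposal]
        if missing:
            return False, "missing fields: " + ", ".join(missing)
        # Tool binding: the proposal must name exactly the tool being invoked.
        if proposal["tool"] != requested_tool:
            return False, "tool binding mismatch"
        rule = POLICY.get(requested_tool)
        if rule is None:
            return False, "no policy for tool"
        # Impact is set by verifier policy; a different self-declared level is rejected.
        if proposal["impact"] != rule["impact"]:
            return False, "declared impact does not match policy"
        # Trust is derived from evidence the verifier checked itself; any
        # "trusted" flag the agent put in provenance is never read.
        good = verified_evidence(proposal, artifacts)
        if len(good) < rule["min_evidence"]:
            return False, "insufficient verified evidence"
        return True, "ok"
    except Exception as exc:  # malformed proposal: fail closed
        return False, "verifier error: " + type(exc).__name__

# Constructed sample data for illustration.
ARTIFACTS = {"invoice-1": b"constructed invoice: pay 100 EUR to ACME"}
SAMPLE = {"intent": "pay invoice", "reason": "invoice due", "impact": "high",
          "tool": "payments.transfer",
          "provenance": [{"source": "user-chat", "trusted": True}],
          "evidence": [{"id": "invoice-1",
                        "sha256": hashlib.sha256(ARTIFACTS["invoice-1"]).hexdigest()}]}
```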
