Changelog

The doctrine is versioned, dated, and revised in the open.

A doctrine that asks enterprises to govern autonomous behavior must itself be governed: every substantive change to the AI Harness Doctrine is versioned, dated, and recorded here. The current version is v3.1.

v3.1 — June 10, 2026

• Added stable anchor identifiers to every Law, Plane, and Pillar so external documents can cite doctrine sections directly.
• Introduced doctrine versioning, this changelog, and structured publisher metadata (author: AI Harness Institute).
• Published the category comparison series — AI Harness vs Identity & Access Management, Security Monitoring, Orchestration, and AI Guardrails.
• Published llms.txt for language-model discoverability.

v3.0 — May 11–12, 2026

Major revision of the doctrine's structure and vocabulary.

• Least Agency introduced as a first-class principle — the third leg of the governance trilogy (Least Privilege → Least Trust → Least Agency) — and landed in Law 1.
• Law 4 renamed from "Agent-to-Agent Trust Must Be Explicit" to "Trust Does Not Travel," broadening its scope to every handoff type: delegation, orchestration, tool invocation, and subagent spawning.
• Architecture expanded from 4 to 5 Planes — Plane 5 (Multi-Agent Trust & Delegation) added as the architectural home of Law 4; Plane 1 renamed to Agent Identity & Lifecycle; Plane 4 broadened to Human Oversight, Audit & Traceability.
• Framework expanded to 6 Pillars — Mission Definition split out from Agent Identity; Multi-Agent Governance added.
• Threat Surface section added to the Declaration: prompt injection, intent hijacking, cascading failure, behavioral drift.
• Maturity Model published as a standalone page: Identified → Governed → Continuous.
• The Declaration's three non-negotiables sharpened; homepage redesigned.

v1.0 — May 8, 2026

• Initial public publication of the AI Harness Doctrine at aiharnessdoctrine.org: Declaration, 5 Laws, Architecture, Framework, and the Zero Trust parallel.

Proposed revisions are evaluated against one test: does the change make autonomous AI agents more governable — at runtime, across systems, at the level of behavior?