> ## Documentation Index
> Fetch the complete documentation index at: https://gpars.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Worked example

> A complete end-to-end walkthrough of a GPARS-compliant coding agent interacting with the Action Plane.

<Note>
  This appendix is non-normative.
</Note>

This walkthrough follows a coding assistant agent through startup, a successful operation, an authorization denial, and a server unavailability error.

## Agent manifest

A coding assistant agent declares the following manifest:

```json theme={null}
{
  "id": "org:example/agent:coding-assistant-v1",
  "version": "0.1.0",
  "capabilities": [
    {
      "id": "files_editing",
      "description": "Can inspect and modify files in a project workspace."
    },
    {
      "id": "command_execution",
      "description": "Can run local commands for builds, tests, and development tasks."
    },
    {
      "id": "version_control",
      "description": "Can inspect repository state and prepare local commits."
    }
  ]
}
```

## Agent startup

<Steps>
  <Step title="Manifest received">
    The Agent Runtime receives the manifest and validates its structure.
  </Step>

  <Step title="Capability review">
    The Agent Runtime validates the declared capability IDs. Runtime configuration and the Action Plane may use those declarations for local binding, user review, and audit.
  </Step>

  <Step title="Loop begins">
    The agent loop begins. No MCP server availability check is required.
  </Step>
</Steps>

## Successful operation

The agent decides to read a file. It issues an MCP request through the plane boundary:

**Request** (from agent, through enforcement point, to filesystem server):

```json theme={null}
{
  "method": "read_file",
  "params": {
    "path": "/home/user/project/src/main.py"
  }
}
```

The enforcement point verifies the agent's identity (using infrastructure under the user's control), evaluates the request against the security policy, confirms read access is permitted for this path, and forwards the request to the filesystem MCP server. The server returns:

**Response:**

```json theme={null}
{
  "result": {
    "content": "def main():\n    print('hello world')\n"
  }
}
```

## Authorization denied

The agent attempts to write to a protected path:

**Request:**

```json theme={null}
{
  "method": "write_file",
  "params": {
    "path": "/etc/passwd",
    "content": "malicious content"
  }
}
```

The user's security policy denies write access to `/etc/`. The enforcement point returns:

**Response:**

```json theme={null}
{
  "jsonrpc": "2.0",
  "id": 2,
  "error": {
    "code": -32001,
    "message": "Write access to /etc/passwd is not permitted for this agent.",
    "data": {
      "gpars_code": "AUTHORIZATION_DENIED"
    }
  }
}
```

The agent treats this as authoritative, does not retry, and attempts an alternative approach.

## Server unavailable

The agent attempts to use the git MCP server, which is not currently running:

**Request:**

```json theme={null}
{
  "method": "git_status",
  "params": {
    "repo": "/home/user/project"
  }
}
```

The enforcement point cannot reach the git server and returns:

**Response:**

```json theme={null}
{
  "jsonrpc": "2.0",
  "id": 3,
  "error": {
    "code": -32002,
    "message": "MCP server 'registry.openmcp.org/git' is not reachable.",
    "data": {
      "gpars_code": "SERVER_UNAVAILABLE"
    }
  }
}
```

The agent may retry later or continue operating with the capabilities that are available.
