Skip to main content

Documentation Index

Fetch the complete documentation index at: https://gpars.io/llms.txt

Use this file to discover all available pages before exploring further.

The manifest and the security policy serve different roles:
ConcernOwnerWhere it livesWhen it applies
Capability RequirementsAgent developerManifest (Cognitive Plane)Declarative (informational)
Security PolicyUserAction PlaneContinuously during operation
The manifest declares what the agent is designed to do. The security policy determines what the agent is allowed to do. These are independent — an agent may declare a files_editing capability described as file inspection and modification, but the user’s policy may only permit reads on specific paths.

Enforcement points

Boundary

The plane boundary enforcement point verifies agent identity, evaluates requests against the security policy, and routes permitted requests to MCP servers. The agent cannot bypass this point. Unauthorized operations receive AUTHORIZATION_DENIED. Unavailable servers return SERVER_UNAVAILABLE.

Operation

MCP servers may enforce their own operational constraints (e.g., resource limits, invalid parameters) and return standard MCP errors. MCP servers are NOT required to implement GPARS security policy logic.
The agent is never trusted to enforce its own boundaries or assert its own identity. All enforcement occurs outside the Cognitive Plane, under the user’s control.