Payload conventions
Structured payload fields power console provenance, policy conditions, and compliance exports. Populate them consistently across LLM and tool events.
Recommended fields
| Field | Type | Required | Description |
|---|---|---|---|
purpose | string | No | Why this LLM/tool step ran |
data_touched | string[] | No | Logical fields sent to the model or tool |
data_classification | string | No | e.g. pii, pii_financial, internal |
provider | string | No | Vendor: stripe, openai, google |
action | string | No | Human-readable action name |
amount_usd | number | No | For financial policy limits |
currency | string | No | ISO currency, default USD |
trigger_source | string | No | Upstream system (ticket, calendar, CRM) |
trigger_reason | string | No | Plain-language cause |
business_context | string | No | Executive audit line |
investor_summary | string | No | One-sentence narrative for dashboards |
transaction_id | string | No | Vendor correlation id |
LLM invocation example
json
{
"purpose": "triage_support_ticket",
"data_touched": ["customer_email", "order_id", "ticket_message"],
"data_classification": "pii_financial",
"prompt_hash": "a1b2c3…",
"response_hash": "d4e5f6…"
}Policy / payment example
json
{
"provider": "stripe",
"action": "create_payment_intent",
"amount_usd": 249,
"currency": "USD",
"trigger_source": "support_ai_agent",
"trigger_reason": "Customer refund request on TKT-8842",
"resource_id": "ORD-2026-4410"
}Policy conditions
Rules can use max_per_tx and max_daily_total when amount_usd is present at evaluate/ingest time.