Payload conventions

Structured payload fields power console provenance, policy conditions, and compliance exports. Populate them consistently across LLM and tool events.

Recommended fields

FieldTypeRequiredDescription
purposestringNoWhy this LLM/tool step ran
data_touchedstring[]NoLogical fields sent to the model or tool
data_classificationstringNoe.g. pii, pii_financial, internal
providerstringNoVendor: stripe, openai, google
actionstringNoHuman-readable action name
amount_usdnumberNoFor financial policy limits
currencystringNoISO currency, default USD
trigger_sourcestringNoUpstream system (ticket, calendar, CRM)
trigger_reasonstringNoPlain-language cause
business_contextstringNoExecutive audit line
investor_summarystringNoOne-sentence narrative for dashboards
transaction_idstringNoVendor correlation id

LLM invocation example

json
{
  "purpose": "triage_support_ticket",
  "data_touched": ["customer_email", "order_id", "ticket_message"],
  "data_classification": "pii_financial",
  "prompt_hash": "a1b2c3…",
  "response_hash": "d4e5f6…"
}

Policy / payment example

json
{
  "provider": "stripe",
  "action": "create_payment_intent",
  "amount_usd": 249,
  "currency": "USD",
  "trigger_source": "support_ai_agent",
  "trigger_reason": "Customer refund request on TKT-8842",
  "resource_id": "ORD-2026-4410"
}

Policy conditions

Rules can use max_per_tx and max_daily_total when amount_usd is present at evaluate/ingest time.