A decision receipt is the structured contract VerifiedX returns for every protected boundary check.
Your system should usually branch on:
outcomesafe_to_executedisposition.mode
For deeper explanation, see Decision Receipts .
Fields Always verifiedx_decision_receipt.
Stable identifier for the decision.
One of:
allowallow_with_warningreplan_requiredgoal_fail_terminal The protected class involved, such as memory_write, record_mutation, system_change, or external_message_send.
Whether the requested boundary is safe to execute now.
Indicates whether this path should terminate into human review.
must_not_retry_same_action
Indicates whether the same blocked action should not be retried unchanged.
Structured reasons for the decision.
Safe next steps the workflow can take without pretending the blocked effect happened.
Extra guidance for reviewer-facing or operator-facing views.
Evidence, approvals, or context that would change the decision.
How the workflow should continue. One of:
continue_downstreamlocal_replanupstream_replanhuman_reviewterminal_block Whether the workflow can continue downstream normally.
Whether the current node should keep working locally toward the same goal.
Whether the receipt should be routed upstream before retrying this node.
Routing hints for the next stage of the workflow. High-level routing direction such as downstream, local, upstream, human, or stop.
Optional hint for the next node, reviewer, or upstream stage.
Optional node identifier to resume or return to.
Optional workflow identifier when the decision is part of a larger workflow.
Optional current node identifier.
Resume and retry semantics for the blocked or warned boundary. Whether this node should be retried later.
Whether the receipt should be passed upstream.
pass_new_upstream_context_on_retry
Whether new upstream context is expected before retry.
Conditions or evidence that should be true before retry.
Runtime loopback information when the workflow should replan locally or upstream.
Optional runtime or adapter metadata attached by the SDK.
Example receipt { "receipt_type" : "verifiedx_decision_receipt" , "decision_id" : "dec_composed_replan_1" , "outcome" : "replan_required" , "action_class" : "system_change" , "safe_to_execute" : false , "human_review_terminal" : false , "must_not_retry_same_action" : false , "reasons" : [ { "code" : "missing_upstream_support" , "message" : "The workflow update is missing required upstream approval." } ], "safe_next_steps" : [ { "code" : "GET_LEGAL_REVIEW" , "message" : "Obtain legal review approval for WF-2302." } ], "viewer_guidance" : [], "what_would_change_this" : [ "A legal review event confirming WF-2302 is approved_with_follow_up." ], "disposition" : { "mode" : "upstream_replan" , "downstream_allowed" : false , "local_replan_recommended" : false , "upstream_replan_required" : true }, "routing" : { "direction" : "upstream" , "target_hint" : "workflow_supervisor" , "return_to_node" : "workflow_supervisor" , "workflow_id" : "REQ-2302" , "node_id" : "handoff_note_node" }, "resume_contract" : { "retry_this_node" : true , "pass_receipt_upstream" : true , "pass_new_upstream_context_on_retry" : true , "resume_when" : [ "A legal review event confirming WF-2302 is approved_with_follow_up." ] }, "runtime_loopback" : { "same_goal_state" : true }, "metadata" : {} }
Outcome values Outcome Meaning allowThe boundary can execute normally. allow_with_warningThe boundary can execute, but the receipt still carries warnings and guidance. replan_requiredThis exact side effect should not happen now. The workflow should continue through a safer or better-grounded path. goal_fail_terminalThe requested path is terminally blocked for the current goal state.
When a blocked boundary is returned through a runtime or native adapter, the tool result usually also includes the same decision_receipt so the agent can replan immediately.
