OpenTerms is an open standard for machine-readable permission rules. Your agent checks a domain before it acts and gets back: allowed, denied, or escalate.
import openterms
result = openterms.check("github.com", "scrape_data")
# → allowed / denied / not_specified
511 services indexed. Open standard, free SDK, no lock-in.
Robots.txt told crawlers where they could go. OpenTerms tells agents what they can do.
The agent attempts an action the service forbids, gets rate-limited or banned, and the workflow fails. The engineer debugs a problem a permission check would have prevented.
The action succeeds when it should not have. Now there is data to roll back, a dispute to manage, or a relationship to repair. Cleanup costs more than prevention.
An over-cautious agent defers an action it was permitted to take. The workflow halts, a human is paged, and throughput drops for no reason.
Any service drops an openterms.json file at /.well-known/ declaring what agents may do — or what they may not.
Before any action, the agent calls openterms.check(domain, action) and gets back allow / deny / escalate. No model in the loop.
Deterministic: The check is a lookup, not a model judgment — the same question always returns the same answer, no AI guessing in the loop.
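An agent-side gate around the check described above, as an added example that is not OpenTerms code. The names `gate`, `Decision`, `stub_check`, the `.example` domains and the `read_public_page` action are hypothetical, and treating `not_specified`, lookup errors and unrecognized results as "escalate" is an assumed policy; both result vocabularies shown on this page are accepted.

```python
from enum import Enum
from typing import Callable, Dict, List, Tuple


class Decision(Enum):
    PROCEED = "proceed"
    BLOCK = "block"
    ESCALATE = "escalate"


# Result strings that appear on this page, folded into one agent-side decision.
RESULT_MAP = {
    "allowed": Decision.PROCEED, "allow": Decision.PROCEED,
    "denied": Decision.BLOCK, "deny": Decision.BLOCK,
    "escalate": Decision.ESCALATE,
    "not_specified": Decision.ESCALATE,  # assumption: silence is not consent
}


def gate(check: Callable[[str, str], str], domain: str, action: str,
         audit: List[dict]) -> Decision:
    """Decide before acting. Only an explicit allow proceeds; a failed lookup
    or an unrecognized result escalates instead of being guessed at."""
    try:
        raw = str(check(domain.strip().lower(), action))
    except Exception as exc:  # lookup failed: do not act, hand to a human
        raw = "error:" + type(exc).__name__
    decision = RESULT_MAP.get(raw.strip().lower(), Decision.ESCALATE)
    audit.append({"domain": domain, "action": action,
                  "raw": raw, "decision": decision.value})
    return decision


# Constructed stand-in for openterms.check so the example runs offline.
# "read_public_page" is a hypothetical action name.
SAMPLE_RULES: Dict[Tuple[str, str], str] = {
    ("service.example", "scrape_data"): "denied",
    ("service.example", "read_public_page"): "allowed",
}


def stub_check(domain: str, action: str) -> str:
    if domain == "down.example":
        raise TimeoutError("constructed lookup failure")
    return SAMPLE_RULES.get((domain, action), "not_specified")


if __name__ == "__main__":
    log: List[dict] = []
    for d, a in [("service.example", "scrape_data"), ("down.example", "scrape_data")]:
        print(d, a, gate(stub_check, d, a, log).value)
```

The audit list records the raw result next to the decision, so a reviewer can tell a declared deny from an escalation caused by a failed lookup.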
Check is the first of three. As your agents do more, the questions get bigger.
A lookup before every action. Deterministic, fast, no model required.
Engineering Live · Public alpha
Signed receipts of every action — independently verifiable, reviewable history.
Security & risk Private beta
Delegated-authority commitments, bound to the receipts that record what they did.
Legal & counsel Private alpha / not generally available
Each product stands alone. Together they form a fuller evidence chain. The standards beneath them are open.
Built on published cryptographic standards — not proprietary formats. Anyone can verify, and nothing locks you in.
Start where your agents already are.