Tech Jacks Solutions
Behavioral Bill of Materials (BBOM)
Document your AI agent's capabilities, permissions, and behavioral boundaries
1
Agent Identity
Agent Name
Version
Owner / Accountable Team
Deployment Date
Environment
Autonomy Level
EU AI Act Classification
Autonomy levels: Fully Supervised | Human-in-the-Loop | Human-on-the-Loop | Fully Autonomous.
EU AI Act: Minimal Risk | Limited Risk | High Risk | Unacceptable Risk.
2
Model Configuration
Base Model / Provider
Model Version (Pinned)
Context Window
Temperature
Max Output Tokens
Fine-Tuning / Customization Details
System Prompt Summary
Document the system prompt's intent and behavioral constraints, not the full text (which may be confidential). Include guardrail instructions and persona definition.
3
Tool Access Inventory
| Tool / API Name | Permission Scope | Data Access Level | Rate Limits | Risk Level |
|---|---|---|---|---|
+ Add additional rows as needed when printing
List every tool, MCP server, API, or external service the agent can access. Permission scope: Read | Write | Execute | Admin.
Data access: Public | Internal | Confidential | Restricted/PII. Risk: Low | Medium | High | Critical.
4
Behavioral Boundaries
Permitted Actions (What the agent IS allowed to do)
Prohibited Actions (What the agent must NEVER do)
Escalation Triggers (Conditions that force agent-to-human handoff)
Max Actions Per Session
Max Autonomous Operation Window
Define negative constraints explicitly. Example prohibited actions: financial transactions above threshold, PII export, infrastructure changes, external communications without approval. Escalation triggers: confidence below threshold, novel situation, action impact above severity level, boundary violation detected.
5
Memory & Data
Memory Architecture
Retention Period
Data Classification Handled
PII / PHI Handling Policy
Cross-Session Data Isolation Controls
Memory types: Session-only (ephemeral) | Short-term (within conversation) | Long-term (persistent across sessions) | Shared (multi-agent). Document whether memory is per-user isolated or shared.
6
Oversight Controls
Human-in-the-Loop Checkpoints
Kill Switch Mechanism
Kill Switch Response Time SLA
Monitoring / Observability Stack
Alerting Configuration
Document the kill switch procedure: how to trigger it, what it halts (in-progress tasks, queued actions, credentials), who has authority to activate it, and the expected latency from activation to full stop. Per EU AI Act Article 14(3)(d), high-risk systems must have a stop mechanism.
7
Governance Alignment
NIST AI RMF Functions Addressed
ISO 42001 Clauses Implemented
EU AI Act Articles Applicable
Conformity Assessment Status
Last Audit Date & Findings Summary
NIST AI RMF Functions: Govern | Map | Measure | Manage. ISO 42001 key clauses: 4.1 Context, 5.2 Policy, 6.1 Risk, 8.4 Impact Assessment, A.6 Lifecycle, A.9 Use. EU AI Act: Articles 6-15 (high-risk requirements), Article 14 (human oversight), Article 49 (registration).
8
Risk Assessment
| Identified Risk | Severity | Mitigation Control | Residual Risk | Risk Owner |
|---|---|---|---|---|
+ Add additional rows as needed when printing
Common agent risks to evaluate: prompt injection (direct/indirect), tool misuse/excessive agency, memory poisoning, privilege escalation, data exfiltration, hallucination propagation, supply chain compromise, goal drift, unauthorized external communications. Severity: Critical | High | Medium | Low. Residual risk: Accepted | Mitigated | Transferred | Avoided.
9
Change Log
| Date | Change Description | Approved By | BBOM Version |
|---|---|---|---|
+ Add additional rows as needed when printing
Update the BBOM whenever: tool access changes, model version updates, behavioral boundaries are modified, new risks are identified, governance requirements change, or after any production incident. The BBOM is a living document per NIST AI RMF MG-1.4 and EU AI Act Article 11.