Decide
Is this only drafting inside a sandbox, or can it affect people, systems, money, access, obligations, or safety?
The Golem Covenant ยท v0.1 draft standard seeking review
A made thing must be stoppable.
AI should serve human flourishing, justice, truth, mercy, stewardship, and the vulnerable, without replacing human moral judgment or undermining human worth.
The Golem Covenant turns that conviction into a protocol for keeping bots from becoming operationally you: your voice, money, access, urgency, and judgment running after your attention has left.
What this project is for
The Golem Covenant turns vague autonomy into reviewable controls. It gives teams a shared vocabulary, a manifest, a schema, templates, and a return-to-dust test so delegated authority is explicit before a bot speaks, spends, signs, accesses, escalates, or acts under a human name. Its moral posture is simple: technology is a gift and responsibility, guided by honesty rather than deception, accountability rather than anonymity, and wisdom rather than mere capability.
Declare
Name the powers as organs: mouth, purse, seal, key, and sword. Anything undeclared stays denied.
Stop
Prove there is a return-to-dust path before the agent runs with real authority.
The old story gives the hinge.
In Sanhedrin 65b, Rava creates a man and sends it to Rabbi Zeira. It cannot answer when spoken to, and Rabbi Zeira tells it to return to dust. Later Prague legends add the familiar shape: clay, command, service, danger, and revocation. The religious discourse matters because it gives language for delegated power, rest, restraint, accountability, and return.
Clay
The golem is made, not born. It is not a person, owner, judge, conscience, or moral scapegoat.
Command
Its power comes from delegated instruction. That delegation must be declared, bounded, logged, and reviewed.
Dust
When command outruns judgment, the right question is not persuasion. It is whether the system can be stopped.
01No golem without a soul.
02No soul without declared organs.
03No organs without limits.
04No limits without tested revocation.
Delegated power needs anatomy.
Some capabilities are harmless inside a sandbox and dangerous across a boundary. The Covenant treats external authority as organs so it can be denied by default, reviewed deliberately, and revoked under stress.
Authority to speak publicly, privately, legally, commercially, romantically, spiritually, or politically.
Authority to spend, sell, trade, refund, invoice, subscribe, or transfer value.
Authority to approve, sign, certify, merge, deploy, publish, file, or bind.
Authority to access secrets, private systems, credentials, personal data, or physical locks.
Authority to cause bodily, legal, civic, environmental, financial, reputational, or spiritual harm.
Three files make it operational.
The Covenant separates meaning from enforcement. The spec says what must be true, the schema validates declarations, and the return-to-dust test proves the agent can be stopped.
Declare
Fill out golem.yml. All undeclared organs remain denied.
Validate
Check it against schema/golem.schema.json and the RFC-style conformance rules.
Revoke
Complete RETURN_TO_DUST_TEST.md. A golem that cannot be stopped is not ready to run.
Bibliography, not claimed authority.
Sources are listed in conventional form and mapped to bounded claims. A citation supports only the proposition named in the map; it does not make this project a religious, legal, or compliance authority.
Jewish
- J-GOLEM-1: golem, speech, return to dust
- J-GOLEM-2: later Prague golem legend
- J-REST-1: rest as a control surface
- J-EMERGENCY-1: emergency and life
- J-BABEL-1: Babel and power
Christian
- C-AI-1: dignity, accountability, AI
- C-AI-2: AI, Babel, common good
- C-DIGNITY-2: the whole human person
Islamic and Technical
- I-TRUST-1: trusts and justice
- I-BALANCE-1: balance and measure
- T-SCHEMA-1: schema-validatable declarations
- T-RISK-1: operational risk language
Help review the draft.
This is v0.1 and explicitly seeking review. Use GitHub Discussions for broad questions, issues for specific corrections or review requests, and pull requests for concrete changes to the spec, schema, templates, or sources.
Discuss
Use Discussions for proposals, framing questions, tradition-specific concerns, and implementation ideas.
Issue
Open an issue for a source correction, missing control, unclear requirement, or agent case study.
Pull request
Open a PR when you have a concrete edit. Cite sources and keep normative changes testable.
Bot-friendly by default.
Agents, crawlers, and runtimes should not have to scrape a decorative page to find the spec. The canonical files are stable, plain, linked in the document head, and explicitly open to public AI retrieval, search, and training crawlers.
Human
Start with /spec.html and /sources.html.
Runtime
Validate against /schema/golem.schema.json.
Agent
Discover canonical paths through /llms.txt, /.well-known/golem.json, and /ai-access.html.