Description
Medical devices fail audits not because the documentation was missing; they fail because:
behavior cannot be reproduced
updates invalidate prior assurances
responsibility boundaries blur
runtime drift cannot be explained
Agent Cards don’t solve:
post-market surveillance
adverse event reconstruction
recall scope determination
“show me exactly what the system did for this patient”
Agent Cards are:
a catalog
a northbound registry
a documentation export
a regulatory appendix
a discovery artifact
They are outputs of a governed system, not inputs.
Agent Cards are useful as descriptive metadata, but they are insufficient and unsafe as a governance or assurance mechanism. Real assurance requires deterministic execution, runtime evidence, and fail-closed controls which sit below any metadata layer.
Agent-to-Agent (A2A) protocols optimize for interoperability and discovery, not assurance. They assume agents can safely advertise capabilities and self-select collaborators, which is acceptable for low-risk productivity use cases but structurally insufficient for regulated or safety-critical systems.
In domains such as healthcare, finance, and infrastructure, agent interaction is a risk-bearing act that requires explicit, bounded authorization, deterministic execution, and verifiable evidence of behavior.
These properties cannot be achieved by extending static Agent Cards or metadata schemas. Governance must be enforced at runtime, with fail-closed controls and auditable provenance, rather than inferred from declarations. For these reasons, I will not / never adopt A2A as a foundation for high-assurance systems and instead focus on evidence-driven, assurance-first interaction models.
Raised by
No response