Getting Started

Create your first agent context

Agent contexts bind hidden session values, SQL reads, hybrid search, and memory into replayable inputs.

Overview

Contexts are the trust boundary for agent reads.

Hidden session bindings prevent the model from choosing tenant or principal values.

Evidence-required capabilities record which rows, chunks, and memory facts were used.

Developer notes

Bind tenant_id from SESSION and mark it HIDDEN.
Keep user-provided values in INPUT bindings.
Filter every SQL and hybrid source by hidden tenant context.
Require evidence for customer-visible agent answers.

Agent context DDL

SQL

-- support.ticket_context is the developer-defined context name.
CREATE AGENT CONTEXT support.ticket_context
ROOT tickets AS ticket                       -- tickets is your table; ticket is the local alias
LOOKUP ticket.id = SESSION current_ticket_id -- current_ticket_id is set by your backend session
BIND tenant_id FROM SESSION tenant_id        -- trusted tenant scope
BIND principal FROM SESSION principal        -- trusted actor identity
SEARCH policy_chunks AS policy_hits USING HYBRID(policy_chunks.body) -- policy_hits is the retrieval step
  QUERY ARG question                         -- question is supplied by INVOKE/SDK args
  FILTER policy_chunks.tenant_id = SESSION tenant_id -- tenant filter uses trusted session scope
  TOP 5                                      -- maximum policy chunks returned
OUTPUT SLOTS
  ticket_id AS ticket.id,                    -- output slot mapped from ticket.id
  subject AS ticket.subject,
  status AS ticket.status
EVIDENCE ON;                                 -- record rows/search hits as evidence

Examples

sql

-- support.answer_ticket is the developer-defined action name.
CREATE AGENT CAPABILITY support.answer_ticket
DESCRIPTION 'Answer one support ticket with policy evidence'
ARG question VARCHAR REQUIRED                -- caller value from WITH JSON or SDK args
HIDDEN tenant_id FROM SESSION tenant_id      -- backend-owned tenant guard
HIDDEN principal FROM SESSION principal      -- backend-owned actor identity
HIDDEN current_ticket_id FROM SESSION current_ticket_id -- selected ticket id
USE CONTEXT support.ticket_context           -- context created above
EXECUTION READ ONLY                          -- cannot stage or commit writes
RETURNS JSON '{"type":"object","properties":{"decision":{},"answer":{},"evidence_bundle":{}}}'
PROFILE MINIMAL                              -- compact response profile
INLINE EVIDENCE handles_only;                -- return evidence lookup records, not full evidence objects