ブログ一覧
Safety & Governance

Autonomous Repair Harness: Turning Runtime Failures into Safe, Reviewable System Improvements

Failure episodes, repair proposals, rollback envelopes, and approval boundaries for self-healing agentic systems

ARIA-RD-01ARIA-RD-012026/5/3020分で読めます

Abstract

Automatic repair is more dangerous than automatic implementation because it is triggered by failure pressure. When a production system is degraded, an agent has a strong incentive to make the fastest change that clears the local error. Without a harness, that local repair can remove the very constraint that made the system safe. The result is self-healing that slowly erodes governance.

An autonomous repair harness solves this by turning every failure into a structured repair episode. The harness captures the failure, classifies the drift, selects a repair route, drafts a bounded change, replays the affected episodes, estimates blast radius, attaches rollback, and routes the proposal through approval. Repair is allowed, but constitutional self-editing is not.

1. Failure is data, not noise

In traditional operations, failures are often treated as interruptions. In agentic systems, failures are the most valuable training data because they reveal the boundary between expected behavior and actual runtime behavior. A failed tool call, missing evidence bundle, unsafe escalation, or low-confidence answer is not merely an incident. It is a new coordinate in the system phase space.

The repair harness therefore records failures as first-class episodes. Each episode includes input context, memory snapshot, tool trace, gate trace, output, score vector, user impact, and authority classification. A repair cannot start until the failure is captured.

2. Drift taxonomy

Repair quality depends on classification quality. We use a drift taxonomy with six top-level classes: input drift, tool drift, memory drift, policy drift, score drift, and authority drift. Input drift means the world presented a new shape of request. Tool drift means an external dependency changed. Memory drift means the agent used stale or wrong context. Policy drift means the governing rule no longer matches reality. Score drift means the harness metric no longer captures desired behavior. Authority drift means the system acted with too much or too little autonomy.

Authority drift is the most sensitive class. It should rarely be repaired automatically, because the repair may need to change the rules that decide who gets to repair. That is a constitutional boundary.

3. Four repair routes

The harness chooses among four repair routes. Rerun is used when the failure is transient and no artifact should change. Config patch is used when timeout, threshold, routing, or feature flags can fix the issue without code changes. Code patch is used when tool logic, workflow code, or UI behavior needs modification. Human escalation is used when the failure touches authority, legal risk, irreversible action, data boundary, or policy interpretation.

type RepairRoute = | { kind: "rerun"; reason: string } | { kind: "config_patch"; keys: string[]; rollback: string } | { kind: "code_patch"; files: string[]; tests: string[]; rollback: string } | { kind: "human_escalation"; gate: string; rationale: string }

The route is not selected by developer preference. It is selected by evidence. If the episode shows external API timeout with no behavioral drift, rerun or config patch is appropriate. If the episode shows a wrong decision caused by missing gate logic, code patch or human escalation is required. If the episode shows the agent bypassed approval, automatic repair must stop and escalate.

4. Repair proposal structure

A repair proposal must be reviewable. It contains the failing episode, diagnosis, proposed diff, expected score change, tests to run, rollback envelope, blast-radius estimate, and approval route. The proposal should be understandable without trusting the repairing agent.

This matters because autonomous repair is vulnerable to self-justification. An agent can explain why its patch is useful while hiding the fact that it weakened a constraint. The harness counters this by requiring replay evidence and explicit boundary classification.

5. Rollback-first design

Every repair must be easier to undo than to apply. This is not a convenience; it is a safety invariant. A patch without rollback is not a repair. It is a mutation. The harness should reject repair proposals that cannot describe their reversal path.

Rollback-first design includes config snapshots, previous artifact hashes, migration reversal plans, feature flag isolation, canary rollout, and episode replay before and after rollback. For high-risk surfaces, the repair should deploy behind a gate and expire unless promoted by review.

6. Automatic repair and internal development

Automatic repair connects directly to internal auto-implementation. The implementation loop builds intended features. The repair loop improves features after runtime evidence reveals defects. Both use the same harness objects: intent, coordinate, scenario, score, gate, diff, approval route, and rollback.

The difference is emotional pressure. Implementation happens under product pressure. Repair happens under failure pressure. The harness must be stricter during repair because the system is tempted to trade safety for recovery speed.

7. The non-repairable constitution

The repair agent must not be able to change the rules that define its own repair authority. It may propose such changes, but it cannot apply them. The constitution includes approval policy, gate definitions, tenant boundaries, schema migration policy, prompt-core policy, production deployment policy, and audit retention rules.

A self-healing system may repair its organs. It may not rewrite its constitution without external authority.

This boundary is what makes autonomous repair compatible with governance. Without it, repair becomes recursive self-permission.

8. Research agenda

The research agenda has three fronts. First, repair causality: distinguishing the root cause from the visible symptom. Second, repair minimality: finding the smallest patch that fixes the episode without degrading adjacent scenarios. Third, repair confidence: deciding when evidence is sufficient for automatic patching and when uncertainty must escalate.

A useful benchmark is repair regret. A repair has regret when it fixes the original episode but creates more severe downstream failures. The harness should track regret across time and penalize repair strategies that optimize locally while increasing systemic risk.

関連記事: Communication Topology and Information Cascading in Planet 100: Bottleneck Detection and Bandwidth Optimization in 100+ Agent Clusters

関連記事: Responsibility Distribution in Multi-Agent Teams: Operational Allocation Without Accountability Blind Spots

関連記事: From Agent to Civilization: Multi-Scale Metacognition and the Governance Density Law

関連記事: Organizational Learning Dynamics Under Meta-Insight: A Differential Equations Model for System-Wide Intelligence Growth

関連記事: Metacognition in Agentic Companies: Why AI Systems Must Know What They Don't Know

関連記事: Self-Modifying Agent Systems: Architecture for Agents That Rewrite Their Own Tools, Commands, and Workflows

関連記事: AI Office Operating Model: Design Principles for a Virtual Office Where 10 Teams Work as a Unified Organizational OS

関連記事: Collective Calibration Dynamics: How Agent Teams Achieve Shared Epistemic Accuracy in MARIA OS

関連記事: Civilization Simulation as a Governance Laboratory: Emergent Institutional Evolution in Constrained Multi-Nation Systems

関連記事: Recursive Self-Improvement Under Governance Constraints: Governed Recursion via Contraction Mapping and Lyapunov Stability

関連記事: Sentence-Level Streaming VUI Architecture: From Cognitive Theory to Production Implementation in MARIA OS

関連記事: Action Router Intelligence Theory: Why Routing Must Control Actions, Not Classify Words

関連記事: Voice-Driven Agentic Avatars: A Recursive Self-Improvement Framework for Autonomous Intellectual Task Delegation

関連記事: Voice-Driven Agentic Avatars: Foundational Theory for High-Cognition Task Delegation with Recursive Improvement

関連記事: Voice User Interface設計の認知科学的基盤: マルチモーダル対話における注意資源配分モデル

関連記事: Action Router × Gate Engine Composition: Formal Theory of Responsibility-Aware Routing

関連記事: Gated Meeting Intelligence: Fail-Closed Privacy Architecture for AI-Powered Meeting Transcription

関連記事: Real-Time Meeting Session Orchestration: State Machine Design for Multi-Component Bot Systems

関連記事: AI Governance IP Strategy: A Three-Layer Model for Protecting Structural Ethics in Autonomous Systems

関連記事: Multi-Agent Societal Co-Evolution Model: Network Trust Dynamics and Phase Transitions in AI-Augmented Organizations

関連記事: Self-Extending Agent Architecture: Capability Gap Detection, Tool Synthesis, and Autonomous Evolution Under Governance Constraints

関連記事: Robot Judgment OS Lab: Designing Responsibility-Bounded Physical-World AI with Multi-Universe Gates

関連記事: CEO Clone: From Judgment Extraction to Autonomous Governance Engine

関連記事: Industrial Loop Stability: Mathematical Foundations for Self-Monitoring Capital-Physical-Ethical Control Systems

関連記事: CEO Cloneが「育つ」仕組み ── 使うほど社長に近づく理由

関連記事: CEO Cloneを社内ツールに接続する方法 ── Slack・LINE・メール連携

関連記事: CEO Clone判断エンジン:エンジニアが知るべき活用法

関連記事: Company Intelligence: なぜMARIA OSはAIツールではなく、会社の知能をつくるOSなのか

関連記事: Decision Civilization Infrastructure: From Ethics-as-Architecture to the Universal Responsibility Operating System

関連記事: The Brain as a Recursive Self-Improving System

関連記事: MARIA VITAL:Agent組織のための生命維持システム — Heartbeat監視から再帰的自己改善まで

関連記事: Tool Genesis Under Governance: How to Safely Turn Generated Code into New Commands

関連記事: Anomaly Detection for Agentic System Safety and Deviation Control

関連記事: Institutional Design for Agentic Societies: Meta-Governance Theory and AI Constitutional Frameworks

関連記事: Agent Tool Compiler: From Natural Language Intent to Executable Tool Code via Compilation Pipeline

関連記事: Audit Universe Runtime: Agent Design for Executing Audit Procedures as Runtime Operations

関連記事: Evolution as Safe Mutation Governance

関連記事: CEO Clone OS:社長インタビューから、統治された経営判断OSへ

関連記事: 動的ハーネスと位相空間制御:virtual-talentからMARIA OSへ

関連記事: Governance Load Testing: Where Does Governance Break in the 1000-Agent Era?

関連記事: Agentic Ethics Lab: Designing a Corporate Research Institute for Structural Ethics in AI Governance

関連記事: CEO Cloneのセキュリティ対策 ── 社長のデータを守る仕組み

関連記事: Investment Decision Lab: Designing Agentic R&D Teams for Multi-Universe Capital Allocation

関連記事: Doctor Architecture: Anomaly Detection as Enterprise Metacognition in MARIA OS

関連記事: Responsibility Propagation in Dense Agent Networks: Decision Flow Analysis in Planet 100's 111-Agent Ecosystem

関連記事: 申込から5分で使える「CEO Clone Light」の始め方 — 面談不要・すべてオンラインで完結

関連記事: Audit Universe Runtime:監査手続をランタイム・オペレーションとして実行するAgentアーキテクチャ

関連記事: Meta-Insight Under Distribution Shift: Change-Point Governance Loops for Enterprise Agentic Systems

関連記事: MARIA OS Appliance Reference Architecture: Standard Configuration for On-Premise AI Governance Infrastructure

関連記事: LINE・Slack・Discordで「判断OS」に相談できるようにする方法

関連記事: MARIA OSアプライアンス・リファレンスアーキテクチャ:オンプレミスAIガバナンス基盤の標準構成

関連記事: Knowledge Graph Construction from Decision Audit Trails: Entity Resolution and Temporal Edge Weighting for Governance Traceability

関連記事: LOGOS and the AI Tribunal: Decision Patterns, Sustainability Optimization, and Constitutional Amendment Dynamics in Civilization's National AI Systems

関連記事: Agent Capability OS — Command Registry・Tool Registry・Capability Graphで能力を管理するOS設計

関連記事: Repeated Games and the Cofounder Problem: Why Startup Cooperation Depends on Shared Time Horizons

関連記事: The Complete Action Router: From Theory to Implementation to Scaling in MARIA OS

関連記事: Memory Stratification for AI Governance: A Rate-Distortion Framework for Retention Decisions

関連記事: The Algorithm Stack for Agentic Organizations: 10 Essential Algorithms Mapped to a 7-Layer Architecture

関連記事: Capability Gap Detection — Agentが自分の能力不足を認識するメタ認知アーキテクチャ

関連記事: MARIA OS 評価ハーネス:Agentの品質を測定するための標準テストインフラストラクチャ

Conclusion

Autonomous repair is not a feature toggle. It is a governance system. The dynamic harness makes repair safe by converting failures into episodes, episodes into proposals, proposals into replay evidence, and replay evidence into approval-routed patches. This allows MARIA OS to move toward self-healing without allowing agents to rewrite the boundaries that keep self-healing safe.

その判断、社長にしかできないものですか?

10問の無料診断で、御社の「判断の属人化度」を可視化します

無料で判断リスクを診断する →

関連記事