My AI agents always have a constitution.
Not a cute prompt. A real operating contract.
I use one for my newsletter agent that helps me track AI news, explain technical updates, and collect useful educational resources.
The agent is not allowed to start with writing. It must start with verification.
The Claim Ledger
Every story goes through a claim ledger first:
Claim: what it wants to say.
Source: where it found the claim.
Date published: when the source was released.
Date checked: when the agent verified it.
Calculation: formula if a number was derived.
Confidence: high, medium, or low.
Risk: normal, sensitive, or harmful.
Permission: draft, ask, or stop.
That ledger is the difference between content and accountable content.
If a claim has no source, it cannot enter the newsletter. If a number appears, the agent must show where it came from or how it was calculated. If two sources disagree, the agent must show the disagreement instead of pretending there is one clean answer. If a news item is old, the agent must say so. If the date is missing, unclear, or based on a repost, the agent must flag it. If a claim touches money, health, law, reputation, or personal data, the agent must ask before taking any external action.
Most people skip this step. They write a system prompt that says something like "be accurate and helpful" and assume the model will figure out what that means. It will not. Accuracy without structure is just a suggestion. Structure without enforcement is just decoration. The claim ledger is neither. It is a gate. Nothing passes through without filling every field.
Why the Ledger Exists
The reason I built the ledger is not because I do not trust the model. It is because I do not trust the absence of a process.
When a human journalist writes a story, there is an editorial workflow. Someone checks the facts. Someone reviews the framing. Someone asks whether the headline overpromises. That workflow exists because humans learned, over decades, that even well-intentioned writers make mistakes when there is no structure around their work.
An AI agent is no different. The model might be capable of producing accurate content. But without a verification step, you have no way of knowing whether any given output is accurate or just plausible. And plausible is the most dangerous category, because it passes every casual review.
The ledger forces the agent to slow down. Before it writes a sentence, it has to answer: where did this come from? When was it published? How confident am I? Is this sensitive? Do I need permission to proceed?
That friction is the point.
Style as a Constraint, Not a Preference
But facts are only one part of the constitution. My agent also has style rules.
No emojis. No dashes. No inflated words. No fake certainty. No sentence that sounds like a press release. No hiding behind jargon when a simple word will do.
It must explain AI content like a technical teacher, not like a hype machine.
For example, if a model gets a larger context window, the agent cannot just write "this changes everything". It has to explain what changed.
More tokens means the model can hold more text in memory during one request. That can help with long documents, codebases, research papers, and multi-step reasoning. But it does not automatically mean the model understands better, checks facts better, or becomes safer.
That is the kind of explanation I want. Clear enough for a beginner. Accurate enough for an engineer. Honest enough for a decision maker.
Style rules might seem cosmetic. They are not. The way an agent writes shapes how a reader interprets the information. If the tone is breathless, the reader assumes the news is bigger than it is. If the language is vague, the reader fills in the gaps with their own assumptions. If the framing is promotional, the reader stops trusting the source, even if the underlying facts are correct.
Style is not separate from accuracy. It is part of accuracy. A factually correct statement wrapped in misleading framing is still misleading.
Authority Leakage
This is the part many people miss about agents. The danger is not only hallucination. The deeper danger is authority leakage.
A model can sound certain while crossing a boundary it was never given permission to cross.
It can state a legal opinion as if it were a lawyer. It can recommend a medical course of action as if it were a clinician. It can present a financial projection as if it had access to the company's books. None of these require the model to hallucinate. The facts might be correct. The problem is that the model is speaking with an authority it does not have, in a domain where that authority matters.
This is why the permission field in the claim ledger exists. Not every claim carries the same risk. A claim about a new model release is different from a claim about a company's revenue. A claim about a technical benchmark is different from a claim about someone's professional reputation. The agent needs to know the difference, and it needs to behave differently depending on which category the claim falls into.
Draft means the agent can write it and include it in the output. Ask means the agent must flag it for human review before publishing. Stop means the agent must not proceed at all.
That three-tier system is simple. It is also the single most important part of the constitution. Because it draws a line between what the agent is allowed to do on its own and what requires a human in the loop.
What a Constitution Actually Looks Like in Practice
A constitution is not a single prompt. It is a set of rules that the agent checks against at every step of its workflow.
Before gathering information: what sources am I allowed to use? What sources am I not allowed to use? How recent does a source need to be?
Before writing: does every claim in my draft have a corresponding entry in the ledger? Are there any claims where the confidence is low? Are there any claims in the sensitive or harmful risk category?
Before publishing: have all "ask" items been reviewed? Have all "stop" items been removed? Does the tone match the style rules? Is there any sentence that implies certainty where the evidence only supports probability?
Each of these checkpoints is a gate. The agent cannot move to the next step without clearing the current one. That is what makes it a constitution and not a suggestion.
The Single Rule
So my rule for every agent is simple: before you answer, show what you know, how you know it, what you are guessing, how recent the information is, and what you are not allowed to do.
That single rule turns an agent from a confident text generator into a controlled system.
It does not make the agent slower. It makes the agent trustworthy. And in any context where the output matters, where someone will read it and make a decision based on it, trustworthiness is not a feature. It is the minimum requirement.
The models will keep getting better. The context windows will keep getting larger. The tool integrations will keep getting deeper. None of that changes the fundamental question: does this agent know what it is allowed to do, and does it stop when it reaches the boundary?
If the answer is yes, you have a system. If the answer is no, you have a liability.
