Problem: Dryrun Security¶

Agent-based systems can act unpredictably when planning logic is hidden or implicit. Without a clear preview of what an agent intends to do, reviewers, developers, and compliance officers are forced to react after execution — when tokens have already been consumed and consequences already triggered.

Why This Is a Problem¶

• You can’t trust what the agent will do until it does it.
• Plans may include steps the reviewer wasn’t aware of.
• There is no built-in way to “audit” intent before execution.
• Token costs are invisible until after generation.
• LLM toolchains lack dryrun equivalents for validating agent steps pre-runtime.

Dokugent’s Solution¶

Dokugent introduces dryrun-aware planning via:

• dokugent plan trace — inspects all planned steps before they are executed
• dokugent dryrun — simulates plugins or tools with mock input/output
• criteria.md — defines preconditions and success thresholds for agent plans
• dokugent certify — locks plan behavior into a signed, auditable manifest

Benefits of Dryrun¶

• Trust UX — reviewers can inspect and approve agent logic before execution
• Cost control — token-heavy steps can be optimized or skipped before runtime
• Audit trail — every linked step and decision is traceable and documented
• Cross-model validation — trace output is LLM-readable (e.g. Claude, Gemini)

Related Use Cases¶

• Trace Agent Intent Before It Acts