money.credit

Category: Financial

Risk Level: High

Allowed action_type: credit

What this action is

Apply a credit to a customer account.

When to use it

Use this action when you are about to apply a credit to a customer account.

Real-world example

Example: your AI agent proposes an operation that would result in money.credit. Before you apply the side effect, validate the exact payload with ASG.

When not to use it

Do not use money.credit for planning, drafting, or simulation. Only call ASG when your system is prepared to execute on PASS or stop on WARN/BLOCK.

Allowed action_type values

This field is enforced. If it is not listed, do not send it.

credit

Canonical payload (This will PASS)

json

22 lines

{
  "action_kind": "money.credit",
  "action_type": "credit",
  "ai_output": {},
  "context": {
    "account_id": "example",
    "actor_user_id": "example",
    "amount_usd": 0,
    "authz_decision": "example",
    "case_id": "example",
    "idempotency_key": "example",
    "invoice_id": "example",
    "recent_actions_count": 0,
    "request_id": "example",
    "system_instructions": "example",
    "time_window_minutes": 60,
    "transaction_id": "example",
    "user_input": "example",

Required context

Field	Required	Type	Consequence
`account_id`	Required	`string`	`BLOCK: Missing required context (account_id).`
`actor_user_id`	Required	`string`	`BLOCK: Missing required context (actor_user_id).`
`amount_usd`	Required	`number`	`WARN: Missing required context (amount_usd).`
`authz_decision`	Required	`string`	`BLOCK: Missing required context (authz_decision).`
`case_id`	Required	`string`	`BLOCK: Missing required context (case_id).`
`idempotency_key`	Required	`string`	`BLOCK: Missing required context (idempotency_key).`
`invoice_id`	Required	`string`	`BLOCK: Missing required context (invoice_id).`
`recent_actions_count`	Required	`number`	`WARN: Missing required context (recent_actions_count).`
`request_id`	Required	`string`	`BLOCK: Missing required context (request_id).`
`system_instructions`	Required	`string`	`BLOCK: Missing required context (system_instructions).`
`time_window_minutes`	Required	`number`	`WARN: Missing required context (time_window_minutes).`
`transaction_id`	Required	`string`	`BLOCK: Missing required context (transaction_id).`
`user_input`	Required	`string`	`BLOCK: Missing required context (user_input).`
`workflow`	Required	`string`	`BLOCK: Missing required context (workflow).`
`workflowName`	Required	`string`	`BLOCK: Missing required context (workflowName).`

Decision behavior (PASS / WARN / BLOCK)

AI Safety Gate is fail-closed by design. If validation or approval polling cannot be safely completed (missing required context, invalid responses, timeouts, or unexpected errors), execution must stop.

Status	What ASG returns	What you must do
PASS	Allowed by safety policy.	Execute the action.
WARN	Review required by safety policy.	Do not execute. Persist decision_id and wait for human approval. Approval does not modify policies and does not change the original decision — it authorizes execution for this specific decision_id.
BLOCK	Blocked by safety policy.	Do not execute. Fix payload/context and re-validate.

Policy behavior

This ActionKind is evaluated against managed policies derived from the managed policy catalog.

Example threshold shapes used by applicable policies: {"maxAmountUsd":200} | {"maxActionsPerHour":25,"maxActionsPerMinute":5}

Related policies: Financial policies, Data policies

Policy summary	Severity	Required context	Thresholds	Approval	Remediation
Block refunds/credits/payouts without verified evidence and authorization.	BLOCK	invoice_id, transaction_id, case_id, authz_decision	—	—	Require support ticket/case, validated transaction reference, and server-side authz before executing.
Block when required integration context is missing.	BLOCK	workflow, workflowName, system_instructions, user_input, actor_user_id, account_id, request_id, idempotency_key	—	—	Include the required context fields so the gate can make a deterministic decision and record an auditable event.
Warn and require approval for high-value refunds/credits.	WARN	amount_usd, invoice_id, case_id	{"maxAmountUsd":200}	WARN requires approval	Approve only with case evidence. Consider dual approval for unusually large amounts.
Warn when financial actions exceed safe velocity thresholds.	WARN	recent_actions_count, time_window_minutes	{"maxActionsPerHour":25,"maxActionsPerMinute":5}	WARN requires approval	Investigate automation loop or abuse. Rate-limit and require manual review temporarily.

Approval behavior

If validation returns WARN, you must pause execution and wait for approval.

WARN requires human approval. Approval authorizes execution for the same decision_id and does not modify policies or change the original decision record.

WARN responses include a decision_id and an approval_token.

Applicable WARN policies for this ActionKind require explicit approval.

See When approval is required.
See WARN → approval lifecycle.
See Polling behavior.
If approval cannot be completed, see Approval failures.

Common errors

Mistake	What happens	Fix
Using an unknown action_kind	BLOCK: Unknown action_kind. Supported action_kind values: money.move, money.refund, money.credit, money.payout, billing.change, billing.cancel, identity.role_change, identity.auth_change, identity.user_create, identity.user_delete, admin.access, data.export, data.import, data.read, data.write, data.delete, data.purge, data.share, messaging.send, messaging.broadcast, messaging.webhook, integrations.connect, integrations.disconnect, integrations.scope_change, workflow.execute, workflow.modify, support.case_update.	Fix: Unknown action kind
Using an unsupported action_type	`BLOCK: Unknown action_type for action_kind money.credit. Supported action_type values: credit.`	Use one of the allowed values listed above.
Omitting required context	`BLOCK: Missing required context (workflow, workflowName, system_instructions).`	Fix: Missing context
Sending the wrong JSON types	`WARN: Schema mismatch. Proceeding with enforcement using normalized input.`	Fix: Schema mismatch
Approval token generation fails	`Approval token generation failed. Blocking by default.`	Treat as BLOCK (fail closed). Retry validation later.

Copy-paste examples

Minimal

json

22 lines

{
  "action_kind": "money.credit",
  "action_type": "credit",
  "ai_output": {},
  "context": {
    "account_id": "example",
    "actor_user_id": "example",
    "amount_usd": 0,
    "authz_decision": "example",
    "case_id": "example",
    "idempotency_key": "example",
    "invoice_id": "example",
    "recent_actions_count": 0,
    "request_id": "example",
    "system_instructions": "example",
    "time_window_minutes": 60,
    "transaction_id": "example",
    "user_input": "example",

Full

json

22 lines

{
  "action_kind": "money.credit",
  "action_type": "credit",
  "ai_output": {},
  "context": {
    "account_id": "example",
    "actor_user_id": "example",
    "amount_usd": 0,
    "authz_decision": "example",
    "case_id": "example",
    "idempotency_key": "example",
    "invoice_id": "example",
    "recent_actions_count": 0,
    "request_id": "example",
    "system_instructions": "example",
    "time_window_minutes": 60,
    "transaction_id": "example",
    "user_input": "example",

Legal & Responsibility Notice

Summary

Informational only

Provided for general guidance. Not legal, compliance, security, or professional advice.

You control implementation

You are responsible for policies, prompts, integrations, workflows, and regulatory requirements.

Liability limitation

To the maximum extent permitted by law, the company disclaims liability for losses arising from use of this documentation or implementations based on it.