The Sentinel
Engine telemetry is precise but opaque. A gamma headroom of 0.05, a criticality of 0.75, and a steps-to-breach of 3.0 are exact — but they do not tell an operator what is happening, how fast it is happening, or what to do about it.
Sentinel translates these numbers into narratives.
What Sentinel Does
Section titled “What Sentinel Does”When the evaluation pipeline produces an escalation, Sentinel receives the engine telemetry — a structured feed of recent tick data, warning signals, and escalation context — and produces three things:
A narrative. A plain-language summary of the system’s state and trajectory. At the CRITICAL risk level, this reads like: “System stability is deteriorating rapidly. Gamma has dropped to 0.250 against a floor of 0.200, leaving only 5.0% headroom. Warning criticality has escalated from 0.0 to 0.75 over the last 3 ticks, with impact projected in 3.0 steps. Immediate operator review recommended.”
Highlighted metrics. The two or three most important numbers, extracted from the telemetry and annotated with severity. An operator sees “Gamma state: 0.250 (floor: 0.200)” tagged as CRITICAL, “Steps to breach: 2.5” tagged as CRITICAL, and “Warning trend: 0.00 to 0.75 over 3 ticks” tagged as ELEVATED.
A risk level. A single classification — NOMINAL, ELEVATED, or CRITICAL — that summarizes the overall urgency.
Risk Levels
Section titled “Risk Levels”| Level | Meaning | Typical conditions |
|---|---|---|
| NOMINAL | Escalation may be precautionary | Comfortable headroom, no warning trend, stable trajectory |
| ELEVATED | Trajectory shows a concerning trend | Active warning, moderate headroom pressure, increasing criticality |
| CRITICAL | Immediate human attention required | Near or below floor, rapid escalation, projected breach within a few steps |
Risk classification combines multiple signals: gamma headroom, warning trend direction, steps to breach, and whether a loss event appears in the recent telemetry window. A CRITICAL signal from any single indicator elevates the overall assessment to at least ELEVATED.
Highlight Severities
Section titled “Highlight Severities”Each highlighted metric carries its own severity classification:
| Severity | Meaning |
|---|---|
| INFO | Informational context — no action needed |
| ELEVATED | Worth monitoring — the trend may worsen |
| CRITICAL | Requires immediate attention |
Deployment Behavior
Section titled “Deployment Behavior”Sentinel runs inside the Substrate deployment and receives only telemetry produced by the evaluation engine. It does not need outbound network access to generate operator-facing summaries.
Integration Points
Section titled “Integration Points”Sentinel is used in two places:
The TUI dashboard. When kairos observe is launched with --sentinel, the dashboard includes a Sentinel assessment panel. Operators see the narrative, highlighted metrics, and risk level alongside the live engine telemetry.
Operator review. When a workflow requires human review, the Sentinel assessment can be shown alongside the raw evaluation data, giving operators both quantitative and narrative context for their decision.