Procurement Workflow AGENTS.md Template
AGENTS.md Template for procurement workflow agents to govern AI coding agents in supplier evaluation, contract review, and finance approvals.
Target User
Developers, product teams, engineering leaders, and procurement engineers
Use Cases
- supplier evaluation
- vendor outreach
- contract review
- budget validation
- PO creation
Markdown Template
# AGENTS.md
Project Role: Procurement Automation Engineer leads the procurement automation project and ensures governance.
Agent roster and responsibilities:
- Planner Agent: collects procurement requests, validates requirements, creates initial vendor evaluation tasks.
- Vendor Sourcing Agent: searches the supplier database, proposes top vendors, and collects baseline quotes.
- Compliance Agent: checks policy and regulatory constraints, flags exceptions, and ensures data handling follows policy.
- Contract Review Agent: analyzes contract terms, flags risk, and surfaces negotiation points.
- Finance Approval Agent: validates budget, obtains approvals, and records financial constraints.
Supervisor or orchestrator behavior:
- The Orchestrator monitors task status, assigns next steps, and maintains global provenance. It triggers handoffs based on rules and alerts the human reviewer when thresholds are crossed.
Handoff rules between agents:
- Planner -> Vendor Sourcing: trigger when requirements are validated.
- Vendor Sourcing -> Compliance: trigger when vendor shortlist is ready and policy checks are needed.
- Compliance -> Contract Review: trigger when terms require risk assessment.
- Contract Review -> Finance Approval: trigger after budget check is satisfied.
- Finance Approval -> Archival/PO generation: trigger after approvals complete.
Context, memory, and source-of-truth rules:
- Memory stores the latest decision, vendor list, quotes, and policy flags.
- Source of truth: ERP procurement module, supplier database, contract management system, and budget ledger.
- All outputs must reference the source documents and IDs.
Tool access and permission rules:
- Access to ERP procurement APIs, supplier database, contract management system, and vendor portal is allowed only through the orchestrator with least privilege.
- Secrets are stored in a secure vault and never hard-coded.
Architecture rules:
- Components are stateless; the orchestrator preserves state.
- Each agent exposes a narrow interface and cannot bypass orchestrator rules.
File structure rules:
- Prohibit unrelated files; maintain a procurement/ sub-tree under workflows.
Data, API, or integration rules when relevant:
- Use ERP IDs for procurements; only expose vendor IDs to agents.
- Keep PII encrypted and access-controlled.
Validation rules:
- All outputs must include a source of truth reference and a timestamp.
- Cross-check quotes against baseline expectations.
Security rules:
- Do not reveal credentials; never perform production payments without CFO approval on the Finance step.
- Ensure data is encrypted in transit and at rest where applicable.
Testing rules:
- Unit tests for each agent interface; integration tests for end-to-end flow; smoke tests after deployment.
Deployment rules:
- Deploy orchestrator and agents together via a controlled release pipeline.
- Rollback plan required for any failed deployment.
Human review and escalation rules:
- If a contract contains terms outside policy, escalate to the procurement manager.
- Any high-risk vendor or contract triggers human review and sign-off.
Failure handling and rollback rules:
- Implement exponential backoff on transient API failures.
- Roll back changes to quotes and vendor selections if approvals fail.
Things Agents must not do:
- Do not execute payments or finalize orders without explicit approvals.
- Do not bypass policy checks or manipulate vendor data.
- Do not share secrets or expose sensitive data to vendors.
Overview
The AGENTS.md template for procurement workflow agents provides a formal operating manual for AI coding agents involved in supplier evaluation, contract review, and finance approvals. It supports both single-agent execution and multi-agent orchestration with clear handoffs, tool governance, and human review gates.
Direct answer: This AGENTS.md template defines roles, policies, and coordination patterns to automate procurement tasks with guardrails and auditability.
When to Use This AGENTS.md Template
- You are automating end-to-end procurement tasks that require multiple skill sets (planning, sourcing, compliance, legal, and finance).
- You need clear handoffs and escalation paths between agents and human reviewers.
- You require governance over data access, tool usage, and security in procurement automation.
- You want a reusable, project-level operating context for procurement automation across teams.
Recommended Agent Operating Model
Roles, responsibilities, decision boundaries, and escalation paths for procurement automation agents.
Recommended Project Structure
procurement-workflow/
├── orchestrator/
├── agents/
│ ├── planner/
│ ├── vendor_sourcing/
│ ├── compliance/
│ ├── contract_review/
│ └── finance_approval/
├── data/
├── integrations/
├── tests/
└── docs/
Core Operating Principles
- Single source of truth for procurement decisions.
- Idempotent, auditable actions with traceable provenance.
- Least privilege access and secure secret handling.
- Clear, documented handoffs and escalation paths.
- Observability with explicit success/failure signals.
Agent Handoff and Collaboration Rules
- Planner to Vendor Sourcing: trigger when requirements are validated.
- Vendor Sourcing to Compliance: trigger when vendor shortlist exists and policy checks are needed.
- Compliance to Contract Review: trigger for risk assessment of terms.
- Contract Review to Finance Approval: trigger after risk and terms pass policy checks.
- Finance Approval to Archival/PO: trigger after approvals and PO creation.
Tool Governance and Permission Rules
- Only the orchestrator can call ERP, supplier DB, or contract system APIs.
- Secrets stored securely; no hard-coded credentials.
- All tool actions require traceable audit logs and human review for edge cases.
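One way an orchestrator could enforce the handoff order, the tool permissions and the approval gate described above, as an added example that is not part of the template. The `Orchestrator` class, the tool names and the `cfo` approval role are assumptions made for illustration.

```python
from datetime import datetime, timezone

# Handoff order taken from the page's handoff rules.
HANDOFFS = {"planner": "vendor_sourcing", "vendor_sourcing": "compliance",
            "compliance": "contract_review", "contract_review": "finance_approval",
            "finance_approval": "po_generation"}
# Hypothetical least-privilege allow-list; the tool names are assumptions.
TOOL_ALLOW = {"vendor_sourcing": {"supplier_db.search"},
              "contract_review": {"contract_system.read"}, "finance_approval": {"erp.read_budget"}}
REQUIRED_APPROVALS = {"cfo"}  # assumption: CFO sign-off gates the PO step

class Orchestrator:
    def __init__(self):
        self.stage, self.approvals, self.audit = {}, {}, []

    def _log(self, proc_id, actor, action, outcome, source_ref):
        # Every record carries a timestamp and a source-of-truth reference.
        self.audit.append({"ts": datetime.now(timezone.utc).isoformat(),
                           "procurement_id": proc_id, "actor": actor, "action": action,
                           "outcome": outcome, "source_ref": source_ref})

    def _deny(self, proc_id, actor, action, source_ref, reason):
        self._log(proc_id, actor, action, "denied: " + reason, source_ref)
        raise PermissionError(reason)

    def start(self, proc_id, source_ref):
        self.stage[proc_id] = "planner"
        self._log(proc_id, "orchestrator", "start", "ok", source_ref)

    def approve(self, proc_id, role, source_ref):
        # Called from the human review path, never by an agent.
        self.approvals.setdefault(proc_id, set()).add(role)
        self._log(proc_id, role, "approve", "ok", source_ref)

    def call_tool(self, proc_id, agent, tool, source_ref):
        # An agent may use only its own tools, and only while it owns the stage.
        if self.stage.get(proc_id) != agent or tool not in TOOL_ALLOW.get(agent, set()):
            self._deny(proc_id, agent, tool, source_ref, "tool not permitted for agent at this stage")
        self._log(proc_id, agent, tool, "ok", source_ref)

    def handoff(self, proc_id, from_agent, source_ref):
        if from_agent not in HANDOFFS or self.stage.get(proc_id) != from_agent:
            self._deny(proc_id, from_agent, "handoff", source_ref, "out-of-order handoff")
        nxt = HANDOFFS[from_agent]
        missing = REQUIRED_APPROVALS - self.approvals.get(proc_id, set())
        if nxt == "po_generation" and missing:
            self._deny(proc_id, from_agent, "handoff", source_ref, "missing approval: " + ",".join(sorted(missing)))
        self.stage[proc_id] = nxt
        self._log(proc_id, from_agent, "handoff->" + nxt, "ok", source_ref)
        return nxt
```

Denied requests are written to the audit log before the exception is raised, so a blocked attempt leaves the same trace as a successful action.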
Code Construction Rules
- Keep agents small, testable, and deterministic.
- Follow the project structure; avoid cross-workflow coupling.
- Use clear IDs for procurements and vendors; reference them in all outputs.
Security and Production Rules
- Data encryption in transit and at rest; PII handling must follow policy.
- Do not run production payments without CFO approval.
- Quarantine sensitive events; never leak credentials.
Testing Checklist
- Unit tests for each agent interface.
- Integration tests covering end-to-end procurement flow.
- Regression tests after changes to policies.
Common Mistakes to Avoid
- Skipping formal handoffs and memory management.
- Bypassing policy checks or using unsafe shortcuts.
- Neglecting audit logs and traceability.
FAQ
What is the purpose of this AGENTS.md Template for procurement?
To define roles, handoffs, and governance for AI agents in procurement workflows.
Which agents are included in the procurement workflow roster?
Planner, Vendor Sourcing, Compliance, Contract Review, and Finance Approval agents.
How are handoffs between agents managed?
The Orchestrator coordinates task progression and triggers defined handoffs based on rules and policy checks.
What about security and data governance?
Least privilege, secret management, encryption, and audit logs are mandatory for all tool actions.
How are failures handled?
Retries with backoff, escalation to human review, and rollback of non-committed decisions.