Every risk score produced by the scoring engine is classified into one of four discrete levels using the RiskLevel enum. Each level determines the challenge type presented to the human operator.

Risk Level Thresholds

| Level | Score Range | Default Challenge | Color |
|---|---|---|---|
| LOW | 0.0–0.3 | Auto-approve | Green |
| MEDIUM | 0.3–0.6 | Confirm | Yellow |
| HIGH | 0.6–0.8 | Quiz | Orange |
| CRITICAL | 0.8–1.0 | Multi-party | Red |

Boundary values are inclusive on the lower bound. A score of exactly 0.3 is MEDIUM, a score of exactly 0.6 is HIGH, and a score of exactly 0.8 is CRITICAL.

The RiskLevel Enum

from attesta import RiskLevel

# Enum members
RiskLevel.LOW        # "low"
RiskLevel.MEDIUM     # "medium"
RiskLevel.HIGH       # "high"
RiskLevel.CRITICAL   # "critical"

# Convert a numeric score to a risk level
level = RiskLevel.from_score(0.72)
print(level)          # RiskLevel.HIGH
print(level.value)    # "high"

from_score() Classification Logic

@classmethod
def from_score(cls, score: float) -> "RiskLevel":
    if score < 0.3:
        return cls.LOW
    elif score < 0.6:
        return cls.MEDIUM
    elif score < 0.8:
        return cls.HIGH
    else:
        return cls.CRITICAL

Visual Risk Bar

When using the TerminalRenderer, Attesta displays a colored risk bar in the terminal showing the score and level:
 Risk Assessment
 ├── Score: 0.72
 ├── Level: HIGH
 └── Bar:   ██████████████████████████████░░░░░░░░░░  72%
The bar color transitions from green through yellow and orange to red as the score increases.

Default Challenge Map

The default mapping from risk levels to challenges is:

| Risk Level | Challenge | Reasoning |
|---|---|---|
| LOW | Auto-approve | Low-risk reads need no friction |
| MEDIUM | ConfirmChallenge | Simple Y/N confirmation with pause |
| HIGH | QuizChallenge | Forces operator to read and understand the action |
| CRITICAL | MultiPartyChallenge | Requires 2+ independent approvers |

You can override the default challenge map in your attesta.yaml configuration. For example, you might map HIGH-risk actions to TeachBackChallenge instead of QuizChallenge.

Overriding the Challenge Map

from attesta import Attesta, RiskLevel
from attesta.challenges import TeachBackChallenge, MultiPartyChallenge

attesta = Attesta(
    challenge_map={
        RiskLevel.LOW: None,                    # auto-approve
        RiskLevel.MEDIUM: "confirm",
        RiskLevel.HIGH: TeachBackChallenge(),   # custom override
        RiskLevel.CRITICAL: MultiPartyChallenge(required_approvers=3),
    }
)

Trust-Adjusted Risk

The Trust Engine can shift the effective risk level for agents with a proven track record. A trusted agent’s MEDIUM action might be treated as LOW, reducing friction. However, a critical safety invariant applies:
CRITICAL actions are never downgraded. Regardless of an agent’s trust score, actions scoring 0.8 or above always require multi-party approval. This invariant is enforced in the Trust Engine and cannot be overridden.
# Trust can lower effective risk for non-critical actions:

raw_score = 0.55   # MEDIUM
trust = "high"
effective_level = RiskLevel.LOW       # downgraded -> auto-approve

raw_score = 0.85   # CRITICAL
trust = "high"
effective_level = RiskLevel.CRITICAL  # NOT downgraded -> multi-party required
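
The sketch below is an added example, not Attesta's own code: a stand-alone model of the thresholds and of the CRITICAL invariant described above, so the boundary behaviour can be tested in isolation. The `effective_level` helper, the rule that "high" trust lowers the level by one step, and the range validation in `from_score` are assumptions made for illustration.

```python
import math
from enum import Enum


class RiskLevel(Enum):
    """Stand-alone model of the four levels; thresholds copied from the page."""
    LOW = "low"
    MEDIUM = "medium"
    HIGH = "high"
    CRITICAL = "critical"

    @classmethod
    def from_score(cls, score: float) -> "RiskLevel":
        # Assumption: reject out-of-range input instead of classifying it.
        # With the bare comparison chain a negative score would land in LOW
        # (auto-approve), and NaN would land in CRITICAL only because every
        # comparison with NaN is false.
        if isinstance(score, bool) or not isinstance(score, (int, float)):
            raise TypeError("score must be a number")
        if math.isnan(score) or not 0.0 <= score <= 1.0:
            raise ValueError(f"score out of range [0.0, 1.0]: {score!r}")
        if score < 0.3:
            return cls.LOW
        if score < 0.6:
            return cls.MEDIUM
        if score < 0.8:
            return cls.HIGH
        return cls.CRITICAL


_ORDER = [RiskLevel.LOW, RiskLevel.MEDIUM, RiskLevel.HIGH, RiskLevel.CRITICAL]


def effective_level(raw_score: float, trust: str) -> RiskLevel:
    """Hypothetical trust adjustment: "high" trust lowers the level by one step.

    The CRITICAL check comes first and returns early, so no trust value can
    reach the downgrade branch for a score of 0.8 or above.
    """
    level = RiskLevel.from_score(raw_score)
    if level is RiskLevel.CRITICAL:
        return level
    if trust == "high" and level is not RiskLevel.LOW:
        return _ORDER[_ORDER.index(level) - 1]
    return level
```

Checking the invariant before any trust logic runs keeps the downgrade path unreachable for CRITICAL scores, and validating the score first prevents a malformed value from being classified as LOW.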

Comparison Table

| Aspect | LOW | MEDIUM | HIGH | CRITICAL |
|---|---|---|---|---|
| Score range | 0.0–0.3 | 0.3–0.6 | 0.6–0.8 | 0.8–1.0 |
| Typical actions | Read, list, check | Create, update, set | Deploy, execute, run | Delete, drop, destroy |
| User friction | None | ~3 seconds | ~10 seconds | ~30+ seconds |
| Approvers needed | 0 | 1 | 1 | 2+ |
| Trust can downgrade | N/A | Yes | Yes | No |
| Audit logged | Yes | Yes | Yes | Yes |
