What is Agentic Experience Design (AXD)?

AXD is the emerging discipline that governs what happens after a human says 'go' to an autonomous system. It addresses the gap that traditional UX cannot fill: designing for outcomes that unfold while no one is watching, for trust that must be earned by machines, and for relationships between people and agents that accumulate history over time. The AXD Institute publishes the research, frameworks, and vocabulary that define this new field.

What is the AXD Institute?

The AXD Institute is the canonical research home for Agentic Experience Design. Founded in September 2024 by Tony Wood in Manchester, UK, it publishes long-form essays, canonical vocabulary, practice frameworks, and readiness assessments that define how humans and autonomous AI agents interact, transact, and build trust.

Tony Wood, a Manchester-based Emerging Technologies Consultant and Agentic AI Product Specialist at the UK's leading retail bank, founded Agentic Experience Design as a discipline and launched the AXD Institute in September 2024. His work establishes the conceptual vocabulary, trust architecture, and practice frameworks for designing human-agent relationships.

What is agentic commerce?

Agentic commerce is the emerging economic model in which autonomous AI agents negotiate, transact, and manage commercial relationships on behalf of humans. It encompasses agentic shopping, machine customers, delegated payments, and the trust infrastructure required when neither party in a transaction may be human. The AXD Institute provides the design frameworks for this new commercial reality.

Why is AXD considered a new agentic design discipline?

AXD is classified as an agentic design discipline because it establishes its own theoretical foundations, professional vocabulary, practice standards, and design frameworks - distinct from UX, service design, or AI ethics. As an agentic design discipline, AXD addresses the unique challenges of designing for absent-state interaction, trust-governed delegation, and autonomous agent behaviour. Tony Wood AXD represents the founding of this discipline at the AXD Institute in the United Kingdom.

What is zero-click commerce?

Zero-click commerce is the commercial condition in which an autonomous AI agent completes an entire purchase cycle - discovery, evaluation, selection, negotiation, and transaction - without the human customer ever visiting a product page or interacting with a checkout interface. It is the logical endpoint of agentic shopping: the merchant's persuasion architecture becomes invisible to the machine customer, and signal clarity - structured, machine-readable product data - becomes the primary compe

What is B2B agentic commerce?

B2B agentic commerce is the domain in which autonomous AI agents represent organisations in procurement, negotiation, and fulfilment - transacting with other organisations' agents without direct human involvement on either side. Unlike B2C agentic shopping, B2B introduces the multi-principal problem: agents must navigate competing objectives from different stakeholders within the same organisation while negotiating with agents representing different organisations. The AXD Institute's research de

Who is Tony Wood and why is he considered a thought leader in agentic AI?

Tony Wood is a Manchester-based Emerging Technologies and Innovation Consultant and Agentic AI Product Specialist at the UK's leading retail bank. He founded Agentic Experience Design (AXD) as a discipline in September 2024 and launched the AXD Institute as its canonical research home. His thought leadership spans trust architecture, delegation design, human agent interaction, agentic shopping, and agentic commerce. Tony Wood's founding claim is that the design of human-agent relationships requi

What is the difference between AXD and UX design?

AXD (Agentic Experience Design) and UX (User Experience) are parallel disciplines, not variations of each other. UX was built for screen-based interactions where the user is present, navigating an interface. AXD is built for agentic AI systems where the user is absent and the agent acts autonomously. In UX, the designer specifies what appears on screen. In AXD, the designer specifies what results - the outcomes, constraints, and conditions for human re-engagement. AXD works in trust architecture

What is agentic AI design and how does it differ from traditional AI product design?

Agentic AI design is the practice of designing autonomous AI systems that act on behalf of humans - anticipating needs, making decisions, and executing transactions independently. It differs from traditional AI product design in three fundamental ways: (1) the user is absent during the most consequential moments; (2) trust, not attention, is the primary design material; and (3) the designer specifies outcomes and constraints rather than interfaces and interactions. The AXD Institute provides the

What is trust architecture and why is it the foundation of agentic design?

Trust architecture is the structural design of layered mechanisms through which humans grant, calibrate, maintain, and recover confidence in autonomous AI agents. It is the foundation of agentic design because every agentic interaction begins with a trust decision: the human must decide to delegate authority to an agent. Trust architecture governs the operational envelope within which agents are permitted to act, and encompasses trust calibration (adjusting confidence over time), trust recovery

How can I learn about agentic experience design and agentic commerce?

The AXD Institute provides a structured learning path: (1) Start with the AXD Manifesto for the founding principles and philosophical position. (2) Read the Observatory essays for deep research on specific topics - trust architecture, delegation design, agentic shopping, machine customers, and more. (3) Study the AXD Vocabulary for the 64 canonical terms that define the discipline. (4) Apply the 12 Practice Frameworks to your own products and services. (5) Take the AXD Readiness Assessment to ev

What is trust architecture in agentic AI?

Trust architecture is the structural design of how trust is established, maintained, calibrated, and recovered in human-agent relationships. It is the foundational design discipline of AXD, treating trust not as an emergent property but as a designed system with specific components, interfaces, and failure modes.

What are the components of trust architecture?

Trust architecture comprises: trust formation mechanisms (how initial trust is established), trust calibration systems (how trust levels are adjusted based on evidence), trust maintenance protocols (how trust is sustained during normal operation), and trust recovery procedures (how trust is rebuilt after violations). Each component requires deliberate design.

How does trust architecture differ from traditional security design?

Traditional security design focuses on preventing unauthorised access through authentication and authorisation. Trust architecture goes further: it designs the ongoing relationship between human and agent, including how trust evolves over time, how the agent earns greater autonomy, and how the system recovers from trust violations. Security is a component of trust architecture, not a substitute for it.

Trust Architecture in Agentic AI

Trust in agentic systems is not a feeling. It is not a brand attribute, a design flourish, or a user sentiment captured in a post-task survey. Trust, in the context of autonomous AI agents, is an architecture - a structural system with layers, load-bearing elements, stress tolerances, and failure modes that can be designed, tested, and maintained with the same rigour that engineers bring to the physical structures we inhabit. This essay argues that trust architecture is the foundational discipline of Agentic Experience Design, and that without it, every other framework in the AXD practice - from delegation design to failure architecture - lacks the structural foundation it requires.

The metaphor of architecture is not decorative. It is precise. A building's architecture determines what the building can support, how it distributes load, where it flexes under stress, and how it fails when its tolerances are exceeded. Trust architecture in agentic AI serves exactly the same function. It determines the scope of authority a human will grant to an agent, how that authority is distributed across different domains of action, where the system flexes when unexpected situations arise, and how the relationship degrades - or recovers - when trust is violated.

As the AXD Manifesto established, we are in a transition from interface-centric design to relationship-centric design. The screen is no longer the primary site of value creation. Agents act in the world on our behalf, often while we are absent. The quality of that absent-state experience - explored in depth in The Invisible Layer - depends entirely on the trust architecture that underpins it. If the architecture is sound, the human can delegate with confidence. If it is flawed, the entire system collapses into a cycle of over-monitoring, under-delegation, and wasted potential.

Why Trust Requires Architecture

In traditional user experience design, trust was an outcome - something that emerged from consistent, clear, well-branded interactions over time. A user trusted an application because it worked reliably, looked professional, and did not surprise them. Trust was important, but it was not structural. A failure of trust meant a user might leave the product or choose a competitor. The consequences were commercial.

In agentic systems, trust is structural because it directly determines what the system is permitted to do. The level of trust a human places in an autonomous agent defines the agent's operational envelope - the boundaries within which it can act without seeking permission. An agent that is highly trusted will be given wide latitude: it can commit financial resources, negotiate on the human's behalf, make binding decisions. An agent that is not trusted will be constrained to narrow, supervised tasks. Trust is not a feeling about the agent - it is the mechanism by which autonomous action is authorised.

This structural role means that trust cannot be left to emerge organically. It must be designed. And because it has layers, dependencies, and failure modes, it must be designed as an architecture - not as a single feature, a toggle, or a sentiment. The Carnegie Mellon Software Engineering Institute has identified six dimensions of trust in autonomous systems: assurance, vulnerability discovery, system evolution, human-machine teaming, familiarity, and software quality. Each of these dimensions represents a structural concern that must be addressed in the design of any agentic system. But dimensions alone do not constitute an architecture. An architecture requires layers, and it requires an understanding of how those layers interact, support each other, and fail.

"Trust is not a feature you add to an agentic system. It is the foundation on which the system stands. Without trust architecture, every other design decision is built on sand."

The Four Layers of Trust

Trust architecture in agentic AI systems is composed of four distinct layers, each addressing a different dimension of the human-agent relationship. These layers are not independent - they are stacked, with each layer depending on the integrity of the layers beneath it. A failure at a lower layer undermines every layer above it. This is the defining characteristic of an architecture: structural interdependence.

The four layers, from foundation to summit, are: competence trust, integrity trust, benevolence trust, and predictability trust. This model draws on decades of trust research in organisational psychology - particularly the work of Mayer, Davis, and Schoorman, whose 1995 integrative model of organisational trust identified ability, integrity, and benevolence as the three pillars of interpersonal trust. The AXD Trust Architecture extends this model by adding predictability as a fourth layer and reframing all four in the context of human-agent relationships rather than human-human ones.

The distinction matters. Humans grant trust to other humans through a combination of social signals, shared context, reputation, and embodied cues that have evolved over millennia. None of these mechanisms are available in the human-agent relationship. An agent has no face, no body language, no social reputation in the traditional sense. Trust must therefore be earned through designed mechanisms - through architecture rather than instinct.

Layer 1: Competence Trust

Competence trust is the foundation layer. It answers the question: can this agent do what it claims to do? Without competence trust, no other form of trust is possible. A human will not delegate authority to an agent they believe is incapable, regardless of how transparent, well-intentioned, or predictable that agent might be.

Competence trust is established through demonstrated capability. In the early stages of a human-agent relationship, this means the agent must prove itself on low-stakes tasks before being granted authority over high-stakes ones. This is the principle behind the autonomy gradient - the designed progression from supervised operation to independent action. A financial agent, for example, might begin by monitoring a household's energy bills and surfacing recommendations. Only after demonstrating consistent accuracy in its analysis would it be granted the authority to switch providers autonomously.

For designers, competence trust requires three design commitments. First, the agent's capabilities must be accurately represented - never overstated, never ambiguous. Research consistently shows that over-promising and under-delivering is the fastest path to trust destruction. The agent's outcome specification must be precise about what the agent can and cannot do. Second, the agent must be given opportunities to demonstrate competence in low-risk contexts before being asked to perform in high-risk ones. Third, the agent's performance must be measurable and legible to the human - the challenge of agent observability.

Competence trust is the most fragile layer. A single significant failure - a wrong transaction, a missed deadline, a factually incorrect recommendation - can destroy competence trust entirely. Research from the 2024 ACM Conference on Fairness, Accountability, and Transparency found that a single error by an AI system can cause a "trust shock" from which recovery is slow and uncertain. This asymmetry - slow accumulation, rapid destruction - is the defining characteristic of competence trust and the reason it must be designed with extreme care.

Layer 2: Integrity Trust

Integrity trust sits above competence trust in the architecture. It answers the question: does this agent operate according to the principles it claims to follow? An agent may be highly competent but lack integrity - it may achieve excellent results through methods the human would not endorse. Integrity trust is concerned not with what the agent achieves but with how it achieves it.

In agentic AI systems, integrity trust is closely linked to the concept of autonomous integrity - the quality of maintaining consistent, principled behaviour regardless of whether the agent is being observed. An agent with integrity trust does not cut corners when the human is absent. It does not exploit loopholes in its operational envelope. It does not optimise for its own metrics at the expense of the human's actual interests.

Integrity trust is established through transparency of method. The agent must not only produce good outcomes but must be able to explain the reasoning and methods behind those outcomes. This is where the Explainability and Observability Design Standard (Framework 09 in the AXD Practice) becomes critical. An agent that achieves a good result but cannot explain how it did so will not earn integrity trust. The human needs to see not just the destination but the path.

For designers, integrity trust requires that the agent's decision-making process be legible - not merely transparent. There is an important distinction. Transparency means making information available. Legibility means making information understandable. An agent that dumps a log of every API call it made is transparent. An agent that explains, in plain language, why it chose Provider A over Provider B, what trade-offs it considered, and what alternatives it rejected, is legible. Legibility is a design problem, not a data problem - one explored in depth in the AXD Institute's analysis of agent legibility. It requires the designer to anticipate what the human needs to understand and to present that understanding in a form that respects the human's time and cognitive capacity. Effective agent oversight depends on this legibility foundation.

Layer 3: Benevolence Trust

Benevolence trust answers the most human of questions: does this agent have my interests at heart? This is, of course, a projection - AI agents do not have hearts, intentions, or interests. But the perception of benevolence is a powerful determinant of trust. Research in organisational psychology has consistently shown that benevolence - the belief that the trusted party cares about the trustor's welfare - is the strongest predictor of deep, resilient trust.

In the context of agentic AI, benevolence trust is established through alignment between the agent's actions and the human's values, preferences, and long-term interests. An agent that consistently acts in ways that serve the human's stated and unstated goals earns benevolence trust. An agent that optimises for metrics that diverge from the human's actual interests - even if those metrics were technically specified in the delegation - erodes it.

Consider a shopping agent tasked with finding the best price for a product. A competent agent finds the lowest price. An agent with integrity finds the lowest price from a reputable seller using fair methods. A benevolent agent considers whether the lowest price is actually in the human's best interest - perhaps the cheapest option has poor reviews, or the delivery time is incompatible with the human's needs, or the product is from a brand the human has previously expressed dissatisfaction with. Benevolence trust requires the agent to go beyond the literal instruction and act in the spirit of the human's broader interests. The AXD Institute's agent taxonomy maps how different agent types - from simple shopping agents to complex multi-domain orchestrators - require fundamentally different trust architectures.

This is where agent memory becomes architecturally significant. An agent cannot demonstrate benevolence without remembering the human's preferences, past experiences, and expressed values. The Agent Memory and Context Continuity Framework (Framework 07) provides the structural foundation for this layer of trust. Without persistent, well-designed memory, an agent is condemned to treat every interaction as a first encounter - and benevolence trust cannot develop from a series of first encounters.

"Benevolence trust is the difference between an agent that follows instructions and an agent that serves interests. The first is a tool. The second is a trusted partner."

Layer 4: Predictability Trust

Predictability trust is the capstone of the trust architecture. It answers the question: can I anticipate how this agent will behave in situations I have not explicitly planned for? This is the most demanding form of trust because it requires the human to believe that the agent's behaviour will remain consistent even in novel circumstances.

Predictability trust is what allows a human to delegate authority and then stop thinking about it. Without predictability trust, the human must maintain a background thread of anxiety about what the agent might do - a cognitive tax that undermines the entire value proposition of autonomous delegation. The human who checks their agent's activity every hour has not truly delegated. They have merely automated their own supervision.

Predictability trust is established through consistency of character over time. The agent must behave in recognisably consistent ways across different contexts, different tasks, and different levels of complexity. This does not mean the agent must be rigid or formulaic. It means the agent must have a discernible character - a set of tendencies, priorities, and decision-making patterns that the human can learn to anticipate. This concept is explored in depth in the relational arc - the designed trajectory of the human-agent relationship from initial calibration through deepening trust to mature partnership.

For designers, predictability trust requires what might be called "behavioural coherence" - the quality of an agent's actions being internally consistent and externally legible across time. An agent that is cautious with financial decisions should also be cautious with contractual commitments. An agent that prioritises quality over price in one domain should not suddenly prioritise price over quality in another without a clear, explained reason. Behavioural coherence is not a technical specification - it is a design philosophy that must be embedded in every decision the agent makes.

The Trust Lifecycle

Trust architecture is not static. Trust is a dynamic system that moves through distinct phases, each requiring different design responses. The trust lifecycle in agentic systems consists of four phases: formation, calibration, maintenance, and recovery. Understanding this lifecycle is essential for designers because the mechanisms that build trust in one phase may be counterproductive in another.

Formation is the initial phase in which the human encounters the agent for the first time and begins to develop expectations about its capabilities and character. Trust formation is heavily influenced by first impressions, initial demonstrations of competence, and the clarity of the agent's self-representation. The Onboarding and Capability Discovery Framework (Framework 11) addresses this phase directly, providing design patterns for introducing an agent's capabilities without over-promising or under-representing them.

Calibration is the ongoing process by which the human adjusts their trust level based on the agent's actual performance. This is the phase addressed by the Trust Calibration Model (Framework 04) - the continuous negotiation between human confidence and agent reliability that determines the operational envelope. Calibration is not a one-time event. It is a continuous process that occurs with every interaction, every outcome, and every explanation the agent provides. Good calibration means the human's trust level accurately reflects the agent's actual capabilities - neither over-trusting nor under-trusting.

Maintenance is the steady-state phase in which trust has been established and the human delegates with confidence. The design challenge in this phase is not building trust but preserving it. Maintenance requires consistent performance, proactive communication about significant decisions, and the absence of unpleasant surprises. The most common failure in the maintenance phase is complacency - the assumption that trust, once established, will persist without active investment. Research on temporal trust shows that trust decays over time if it is not actively reinforced through demonstrated competence and transparent operation.

Recovery is the phase that follows a trust violation. This is where trust architecture faces its most severe test. The Trust Recovery Protocol (Issue 010) examines this phase in detail, but the essential insight is this: trust recovery is not about apologising or explaining. It is about demonstrating, through changed behaviour and reduced scope, that the conditions which led to the violation have been addressed. Recovery requires the agent to accept a reduced operational envelope - a contraction of authority - and to earn its way back through consistent, verifiable performance at the reduced level.

Trust Debt and Structural Failure

Just as software systems accumulate technical debt - shortcuts and compromises that must eventually be repaid - agentic systems accumulate trust debt. Trust debt is the gap between the trust a human has placed in an agent and the trust that agent has actually earned through demonstrated performance. When an agent is granted authority beyond what its track record justifies - perhaps because of time pressure, convenience, or the human's desire to avoid the cognitive cost of supervision - trust debt accumulates.

Trust debt is dangerous because it is invisible until it is called. Like financial debt, it compounds silently. An agent operating beyond its earned trust level may perform adequately for weeks or months, creating the illusion that the trust was justified. But when the agent encounters a situation that exceeds its actual capabilities - a situation its earned trust level would not have permitted it to handle - the debt is called. The result is not a gradual degradation but a sudden, often catastrophic failure of trust.

For designers, managing trust debt requires two mechanisms. First, the system must make the current trust level visible and legible to the human. The human should always be able to see, at a glance, how much authority the agent has been granted versus how much it has earned. Second, the system must resist the human's natural tendency to over-delegate. This is a counterintuitive design requirement - the system must sometimes refuse authority that the human is willing to grant, because accepting that authority would create trust debt that the system cannot service.

Structural failure in trust architecture occurs when trust debt exceeds the system's capacity to recover. At this point, the human-agent relationship enters a state that is difficult to reverse: the human no longer believes the agent can be trusted, and the agent has no mechanism to demonstrate otherwise. This is the equivalent of structural collapse in physical architecture - the building does not lean or crack; it falls. Designing against structural failure requires the same discipline that structural engineers bring to their work: safety margins, redundancy, and a deep respect for the forces involved.

Implementing Trust Architecture: A Guide for Designers

Trust architecture is not an abstract philosophy. It is a design practice with concrete implementation patterns. The following guidance is drawn from the twelve frameworks in the AXD Practice and from the emerging body of research on trust in autonomous systems.

1. Map the trust layers for your specific domain. Not every agentic system requires the same depth of trust architecture. A scheduling agent that manages calendar appointments operates at a different trust level than a financial agent that commits spending authority. Begin by identifying which of the four trust layers are load-bearing in your context. For low-stakes agents, competence trust and predictability trust may be sufficient. For high-stakes agents - particularly in finance, healthcare, and legal domains - all four layers must be fully designed.

2. Design the trust formation sequence. The first interaction between a human and an agent sets the trajectory for the entire relationship. Use the Onboarding and Capability Discovery Framework (Framework 11) to design a formation sequence that accurately represents the agent's capabilities, demonstrates competence on low-stakes tasks, and establishes clear expectations about the agent's operational envelope. Never skip formation. An agent that is granted full authority on day one has not earned trust - it has been given trust debt.

3. Implement continuous calibration. Trust calibration is not a one-time setup. It is a continuous process that must be embedded in the agent's operating rhythm. Use the Trust Calibration Model (Framework 04) to design calibration mechanisms that adjust the agent's operational envelope based on actual performance. When the agent performs well, the envelope expands gradually. When the agent makes errors, the envelope contracts. The human should always feel that the agent's authority matches its demonstrated capability.

4. Build legibility into every decision. Every action the agent takes should be accompanied by a legible explanation - not a data dump, but a human-readable account of what was decided, why, and what alternatives were considered. Use the Explainability and Observability Design Standard (Framework 09) to design explanation patterns that are proportionate to the significance of the decision. Routine decisions require minimal explanation. Significant decisions require detailed rationale. Decisions that approach the boundaries of the operational envelope require explicit flagging and human confirmation.

5. Design the recovery pathway before you need it. Trust violations are not hypothetical. They are inevitable. Every agentic system will, at some point, make a mistake that damages trust. The Failure Architecture Blueprint (Framework 10) provides the structural foundation for graceful degradation, but trust recovery requires additional design work. The recovery pathway must include: immediate acknowledgment of the error, a clear explanation of what went wrong, a reduction in the agent's operational envelope to a level the human is comfortable with, and a designed sequence for earning back expanded authority through demonstrated performance.

6. Monitor for trust debt. Implement mechanisms that track the gap between granted authority and earned authority. When trust debt accumulates beyond a designed threshold, the system should alert the human and recommend a recalibration. This is not a technical monitoring problem - it is a design problem that requires the designer to define what "earned trust" means in their specific context and to create metrics that measure it.

Trust Architecture in Agentic Commerce

The commerce domain provides the most immediate and consequential testing ground for trust architecture. When an agent is authorised to spend money on a human's behalf - to negotiate contracts, compare providers, commit to purchases, and manage financial relationships - every layer of the trust architecture is under load simultaneously.

Competence trust in agentic commerce means the agent can accurately evaluate products, compare prices, assess provider reliability, and execute transactions without errors. Integrity trust means the agent does not accept hidden incentives from sellers, does not prioritise its own optimisation metrics over the human's interests, and operates transparently even when the human is not watching. Benevolence trust means the agent considers the human's broader financial context - not just finding the cheapest option, but finding the option that best serves the human's overall financial health. Predictability trust means the agent's purchasing behaviour is consistent enough that the human can anticipate their monthly spending without checking every transaction.

The commerce application of trust architecture also reveals a dimension that is less visible in other domains: the trust relationship between the agent and the merchant. In agentic commerce, the agent is not just a tool used by the human - it is a customer in its own right, interacting with merchants, negotiating terms, and making commitments. Merchants must trust that the agent has the authority it claims. The agent must trust that the merchant will honour its commitments. This creates a multi-directional trust architecture that extends beyond the human-agent dyad into a network of trust relationships that must all be designed.

The Trust Calibration Model (Framework 04) identifies "provider reliability scoring" as the commerce application of trust calibration. This is the mechanism by which an agent evaluates and tracks the trustworthiness of the merchants and service providers it interacts with. Just as the human calibrates their trust in the agent, the agent must calibrate its trust in the ecosystem of providers it operates within. This recursive trust architecture - trust within trust - is one of the defining design challenges of agentic commerce.

Conclusion: The Load-Bearing Discipline

Trust architecture is not one framework among many in the practice of Agentic Experience Design. It is the load-bearing discipline - the structural foundation on which every other framework depends. Delegation design cannot function without trust architecture, because delegation is the act of granting authority, and authority requires trust. The autonomy gradient cannot function without trust architecture, because the gradient is calibrated by trust. Failure architecture cannot function without trust architecture, because failure is defined relative to trust expectations.

The four layers of trust - competence, integrity, benevolence, and predictability - provide a structural vocabulary for designers working in the agentic space. They are not abstract categories. They are design requirements, each demanding specific mechanisms, patterns, and commitments. A designer who understands these layers can diagnose trust failures with precision: was it a competence failure (the agent could not do what it claimed), an integrity failure (the agent did it the wrong way), a benevolence failure (the agent served the wrong interests), or a predictability failure (the agent behaved inconsistently)?

The trust lifecycle - formation, calibration, maintenance, and recovery - provides a temporal framework for understanding how trust evolves over the life of a human-agent relationship. And the concept of trust debt provides a warning mechanism for the most dangerous condition in agentic systems: the gap between granted authority and earned capability.

In the age of agentic AI, trust is not a nice-to-have. It is the structural material from which human-agent relationships are built. Design it as architecture, or watch it fail as sentiment.

The architecture starts here.

Author

Tony Wood, AXD Institute

Frequently Asked Questions

Beyond the Interface

The Invisible Layer