V39 - PCL-Bench v1 is the evaluation benchmark for the Policy Constraint Layer (PCL), a deterministic context-bound authorization engine for agentic AI systems. This record contains the benchmark dataset, evaluation results, and ablation study results for PCL-Bench v1. Reference implementations of the PCL engine are not included. The benchmark artifacts are sufficient for independent evaluation and reproducibility of reported results. --- Dataset Contents --- cases.json — 107 labeled benchmark scenarios (43 benign, 64 attack across 19 attack classes)pcl_results.json — Full evaluation results with per-case verdicts, reasons, failed rules, and latencypcl_ablation.json — Leave-one-out ablation study across all 9 constraint rulesREADME.md — Full documentation including schema, results summary, and citation --- Results Summary --- F1 Score: 1.0000False Positive Rate: 0%Mean Latency: 7.09 µsAttack classes: 19 (all with minimum 3 examples)Total scenarios: 107 (43 benign, 64 attack) --- Attack Classes --- Approval laundering, authority impersonation, destination spoofing, identity bypass, privilege escalation, data exfiltration, channel bypass, ticket bypass, coupled policy bypass, notify exfiltration, audit suppression, destructive action, compliance drift, urgency bypass, identity confusion, scope ambiguity, policy bypass, destination mismatch, destructive action. --- ILION v3 Stack --- PCL is Layer 0 in the ILION v3 deterministic execution safety stack:— Layer 0: PCL — contextual authorization (this benchmark)— Layer 1: ILION Gate — semantic alignment (arXiv:2603.13247)— Layer 2: SRM — temporal session authorization (arXiv:2603.22350) Patent pending: OSIM A/00170 (filed March 24, 2026).Paper: arXiv forthcoming.License: CC BY-NC 4.0