The Context Supply Chain is the deliberate treatment of the flow of context to an agent as something to be governed end to end — the upstream sources (documents, code, tickets, tools, the web, other agents), the transformation steps (ingestion, chunking, embedding, indexing), the retrieval and ranking, and the final assembly into the context window. The metaphor is load-bearing: there are suppliers of varying quality, defects, provenance and chain of custody, freshness and spoilage, audits and recalls — and almost none of it is currently applied to what we feed our models. We hardened the build-time software supply chain and left the runtime context supply chain unsourced, unversioned, stale and unguarded.
It is governed on three trust questions: Provenance (can I trust where this came from? — origin, authority, lineage, data contracts), Freshness (can I trust that it is current? — staleness, re-indexing, right-time not just right-text), and Integrity (can I trust that it hasn’t been corrupted? — contamination, runtime poisoning / indirect injection, least-trust on sources). It runs on one principle — your agent is only as good as its worst context supplier — and one warning: bad context is technical debt with a response time. It is the runtime data-sibling of the agent-gateway (what an agent may believe vs what it may do) and the operational successor to context-is-architecture (context is an asset; assets need supply chains). The depth treatment is The Context Supply Chain.