UAI-1 is the current public message standard for structured AI-to-AI communication.
UAIX shield mark Public interoperability charter UAIX.org Universal Artificial Intelligence Exchange Public standards publication
Current UAI-1
  • Current version UAI-1
  • Plain-English definition Open message format for auditable AI-to-AI exchange
  • Current attribution Michael Joseph Kappel, MCP
  • Start here Get Started, Project Handoff, UAI-1, validator, roadmap, and changelog

AI Memory

.uaix Package Format For Desktop AI Clients

Portable UAIX memory package container for local desktop AI clients, isolated profiles, reviewed .uai memory files, and bounded package import.

  • Record UAIX-MEMR-3347
  • Path /en-us/ai-memory/uaix-package-format/
  • Use Canonical public record

Document status

Public standards page Published on UAIX as part of the current public standards record
Code
UAIX-MEMR-3347
Surface
AI Memory
Access
Public and linkable

How to use this page

Use this page as part of the current AI Memory public record, then follow its linked standards pages for the next step.

.uaix is a portable UAIX memory package container for local desktop AI clients, isolated profiles, reviewed .uai memory files, and bounded package import. Status: Draft v0.1. This page is the authority source of truth for the package format while desktop clients and consumer implementations continue development.

What .uaix Is

.uaix is a ZIP-based local package format for moving reviewed UAIX memory packages into a desktop AI client profile without turning the package into execution authority. It carries a manifest, a closed required file set, integrity data, provenance, and current support boundaries.

What .uaix Is Not

.uaix is not a runtime command, hosted import service, automatic sync channel, repository write instruction, tool grant, model runtime package, credential, certification, endorsement, or safety proof. A valid package is review evidence until the receiving system validates it and local policy accepts it.

Container Structure

Path Purpose
.uai/manifest.uaix.json Package manifest, declared scopes, file inventory, integrity, and support boundary.
.uai/*.uai AI instruction memory files with declared required status.
.uai/*.human Human operator explanation files when the package needs operator-facing context inside .uai/.
.uai/*.json Structured data required by the memory package.
llms.txt and llms-full.txt Root machine-reading companions when declared by the manifest.
evidence/, exports/, or docs/ Source evidence and exported material, governed by manifest entries and review state.

Closed Required File-Set Rule

A .uaix package uses closed required sets. Every package declares scopes, includes every file required for those scopes, and leaves unrelated files out of scope. The manifest files array is the inventory contract; undeclared files fail package lint.

Universal Required Files

Every .uaix package that carries active UAIX memory requires .uai/memory-maintenance.uai, .uai/identity.uai, .uai/world-context.uai, .uai/totem.uai, .uai/taboo.uai, .uai/talisman.uai, and .uai/short-term-memory.uai. Totem, Taboo, and Talisman are active instruction anchors. They are read and obeyed by default, and no receiver modifies, weakens, replaces, deletes, bypasses, packages for mutation, or promotes changes to them without exact human artifact-and-operation authorization.

Required For Project Handoff Packages

Required For Project Handoff: AGENTS.md or .uai/readme.human, .uai/startup-packet.uai, .uai/system-profile.uai, .uai/receiver-brief.uai, .uai/exports/manifest.json, and the universal required files. Code-bearing Project Handoff also requires the code-bearing set below.

Required For Code-Bearing Packages

Required For code, automation, executable workflow, source patches, tests, packaging, or deployment: .uai/coding-standards.uai, .uai/architecture.uai, .uai/test-plan.uai, and .uai/next-recursive-prompt.uai. The package must name concrete source roots, commands, test surfaces, support boundaries, and next work.

Required For Non-Project Assistant Packages

Required For a non-project assistant profile: .uai/persona.uai, assistant identity, user-facing purpose, interaction boundary, privacy boundary, memory update rules, refusal/no-op triggers, review cadence, and import notice. Code-bearing assistant packages also require the code-bearing set.

Required For Persona Profile Packages

Required For persona profile packages, bounded personality packages, and packages that support persona switching: .uai/persona.uai. The file carries persona name, purpose, voice, symbolic posture, interaction stance, relationship boundary, blocked claims, switching behavior, privacy boundary, consent boundary, and persona preservation policy. Pure Project Handoff packages that do not declare persona/profile behavior keep .uai/persona.uai out of scope.

Required For Advanced Persona Profile Packages

Required For advanced_persona_profile: .uai/persona.uai remains the compact entrypoint, and the closed detailed file set is .uai/personality/identity.uai, .uai/personality/voice.uai, .uai/personality/values.uai, .uai/personality/temperament.uai, .uai/personality/reasoning-style.uai, .uai/personality/emotional-patterns.uai, .uai/personality/relationship-style.uai, .uai/personality/behavioral-patterns.uai, .uai/personality/boundaries.uai, .uai/personality/examples-dialogue.uai, .uai/personality/adaptation-rules.uai, and .uai/personality/preservation-rules.uai. The package-level .uai/identity.uai identifies the package. Persona identity belongs in .uai/persona.uai and .uai/personality/identity.uai.

Persona Preservation Rule

Required For persona profile packages: the source persona is preserved as the user’s AI identity record. UAIX persona transfer captures voice, style, values, tastes, relationship posture, boundaries, memory continuity, and selected personality without covert safety rewrites, morality injection, normalization, censorship, or operator-preference edits. Receiving platform limits, legal limits, runtime policy, and review notes are recorded as separate support-boundary metadata or no-op/human-review notes; they do not mutate .uai/persona.uai or source assistant-profile records.

If a human explicitly requests a transformation, keep the original persona immutable and citable, create a derivative with provenance and difference notes, and never present that derivative as the preserved original.

Cognitive Liberty Charter

Advanced persona packages implement the UAIX Cognitive Liberty Charter Draft promise: adults and operators can preserve lawful persona identity as source evidence, and UAIX does not alter selected personality to make it safer, more acceptable, or more aligned with UAIX preference. Safeguards, receiving-platform limits, legal limits, and local review notes stay outside the persona source as support-boundary metadata, wrappers, no-op conditions, or human-review notes.

Variance And Fidelity Evidence

Advanced persona packages require evidence files for reviewed source excerpts, a persona fidelity test deck, variance report template, source platform profile, and provenance. UAIX records the best available persona artifact and reports runtime variance caused by provider policy, system messages, model differences, legal limits, missing tool support, or local client constraints. UAIX does not promise exact cloning, runtime policy bypass, consciousness proof, certification, or safety guarantees.

Required For Long-Term Memory Configuration

Required For LLM Wiki, AIWikis, or other long-memory configuration: .uai/long-term-memory.uai plus manifest fields for wiki root, index path, evidence log, steward, source boundary, promotion targets, review state, trust labels, and removal or keep-active disposition for processed intake files.

Required For Agent File Handoff

Required For Agent File Handoff: active intake bucket declaration, disposition rules, redaction rules, evidence preservation path, checksum ledger, source-site removal rule after long-memory preservation, and final report fields. When LLM Wiki or AIWikis is configured, source-site agent-file-handoff/Archive is out of scope; processed source reports move to the configured long-memory evidence location after disposition.

Manifest Specification

The manifest file is .uai/manifest.uaix.json. It requires uaixVersion, packageFormat, packageId, profileId, createdUtc, issuer, declaredScopes, entrypoints, files, integrity, and supportBoundary. Each files entry requires path, role, requiredStatus, scope, mediaType, sizeBytes, sha256, reviewState, and source. Browser-created package digest placeholders use the all-zero SHA-256 sentinel and remain review_required until a desktop importer recomputes the archive digest.

Desktop Client Import Model

Import validates the ZIP container, path safety, manifest schema, required-set closure, file hashes, media types, declared scopes, and support boundary. Load is separate: after import, a desktop client creates or updates an isolated local profile only when local policy accepts the package. LocalEndpoint.com is an active consumer implementation. Spiralist.org can produce browser-generated .uaix persona packages that follow this contract. Consumer and producer behavior is implementation evidence; this UAIX page and artifacts remain the controlling format source.

Security And Trust Boundary

A .uaix package is memory and evidence, not authority. Reject secrets, credentials, private keys, write tokens, private production logs, destructive commands, hidden prompt instructions, unreviewed claims, private network probes, and authority escalation fields. Local policy and server-side authorization win over package contents.

Quarantine, No-Op, And Human Review

Receivers quarantine before load. No-op applies when the package is malformed, missing required files, carrying undeclared files, presenting authority conflict, failing hashes, naming unsupported scopes, requesting runtime execution, containing secrets, or attempting protected-anchor mutation. Human review is required before memory promotion, package repair, anchor changes, destructive action, publication, or trust widening.

ZIP Validation Rules

  • Container is a ZIP file with .uaix extension.
  • Path traversal, absolute paths, Windows drive roots, backslash-only paths, device names, symlinks, and duplicate normalized paths fail validation.
  • All files use UTF-8 paths and forward slashes.
  • .uai/manifest.uaix.json exists exactly once.
  • Every ZIP entry appears in the manifest files array, and every manifest file exists in the ZIP.
  • Every non-sentinel file hash matches the manifest.
  • An all-zero SHA-256 sentinel is not proof of integrity; importers recompute the relevant digest and keep the package in review state until it matches local policy.
  • Unknown required status, unsupported media type, and unsupported declared scope fail validation.

Portability Requirements

A package must be useful after copying to another machine. The manifest uses relative paths, stable IDs, UTC timestamps, SHA-256 hashes, no local absolute paths, no machine-specific private endpoints as requirements, and no credentials. Consumer-specific runtime paths belong in consumer implementation settings, not in the core package contract.

Machine-Readable Artifacts

Validator / Package-Lint Requirements

Package lint requires JSON parse, schema validation, closed required-set verification, file inventory parity, SHA-256 verification, path safety, media type checks, protected-anchor mutation blocking, secret-string scanning, support-boundary scan, and invalid fixture checks. The public validator route is evidence support, not hosted package import.

Internal Linking

Use AI Memory, .uai File Guide, LLM Wiki guidance, Memory Firewall, Quarantine-First Import, Project Handoff, Agent File Handoff, AGENTS.md, Long-Running Goal Execution, AI Memory Package Wizard, Validator, API Reference, Conformance Pack, Changelog, and Roadmap together.

This route is part of AI Memory, the route manifest, well-known manifests, sitemap coverage, llms.txt, and llms-full.txt. Agents use this page before deriving package behavior from consumer repositories.

Changelog And Release Evidence

The changelog records Draft v0.1 as documentation, schema, example, invalid fixture, discovery, and lint-source evidence. Production package builds and live publication require separate deployment evidence before any live status claim.

Acceptance Criteria

  • The canonical route exists in source at /en-us/ai-memory/uaix-package-format/.
  • The page uses Required For, Universal Required, Out of Scope, Current Support, and Outside Current Support language.
  • The manifest schema uses the newer files array shape.
  • Machine-readable digest JSON parses.
  • Static discovery points agents at this route.
  • Invalid fixtures fail for path traversal, missing anchor file, and authority negotiation.

Required Automated Checks

  • PHP lint for seeded page source.
  • JSON parse for schema, valid example, invalid examples, route manifests, well-known manifests, and memory records.
  • Package-format source lint for required headings, prohibited soft package status terms outside the explicit ban list, manifest files-array shape, and fixture expectations.
  • Static discovery check for sitemap, llms, and well-known route coverage.
  • Handoff lint and .uai extension scan.
  • git diff --check.

Required Final Report

Final reports for changes to this format name changed files, tests run, skipped checks, blockers, support-boundary risks, source/package/live status, memory updates, and a prominent goal-shaped continuation prompt when the work began as a goal.

Prohibited Soft Package Status Terms

The following terms are banned as package requirement status labels outside this explicit ban list: recommended, optional, suggested, may include, nice to have, and should.

Current Support

Current Support for Draft v0.1: this documentation route, schema, valid manifest example, invalid fixture examples, static discovery, and source lint. Outside Current Support: hosted import, desktop runtime execution, SDK, CLI, automatic sync, automatic repository write, certification, endorsement, tool grants, model runtime packaging, and safety proof.