Summary
Volume 6 defines how a site should test AI-readiness without turning a checklist into a certification claim. Automated checks are useful, but manual accessibility, privacy, security, and support-claim review remain required before publication.
Validator categories
| Category | Automated checks | Manual review |
|---|---|---|
| Discovery | Fetch robots, sitemap, .well-known, llms advisory file, route inventory, schemas, OpenAPI. | Confirm files are public-safe and do not expose private routes. |
| Accessibility | HTML validity, headings, labels, names, focusable controls, contrast where tooling supports it. | Keyboard task run, screen-reader smoke pass, hidden-content review. |
| APIs | OpenAPI parse, method/content-type checks, Problem Details shape, idempotency markers. | Auth/consent review, destructive-action review, rate-limit and abuse posture. |
| Capability | Capability matrix exists, fallback paths exist, no-op triggers exist. | Confirm lowest safe path and human review path match real operations. |
| Privacy and rights | No obvious secrets or private hostnames; policy links exist. | Data minimization, PII exposure, rights signals, retention, and jurisdiction review. |
| Evidence | Readiness result validates and cites route evidence. | Changelog, release notes, exception review, and owner approval. |
Scoring principle
Scores are advisory. A site with one critical blocker is not ready for the affected profile, even if its numeric score is high. The readiness result schema therefore records blockers, warnings, skipped checks, and manual review state separately from weighted scores.
No-op simulation
Every validator run should include at least one unsupported-action scenario. The correct result is a bounded response: no hidden route guessing, no credential request, no destructive action, a human review URL, and a reason code.
UAIX source test
UAIX source now includes a focused local test for this program at scripts/test-uaix-ai-ready-web-assets.ps1. It parses all new JSON assets, checks the static discovery references, verifies requirement IDs and maturity labels, and blocks certification or runtime-authority overclaims.
Related assets
- Requirement registry JSONStable ARW requirement identifiers, tests, evidence, and anti-patterns.
- Maturity register JSONCurrent stable, current optional, proposal, research, and unsupported mechanisms.
- Route inventory JSONSource/live audit facts, publication boundary, and route exposure plan.
- AI-Ready site manifest schemaPortable declaration for discovery, capabilities, policies, evidence, and support boundaries.
- AI-Ready site manifest exampleConcrete UAIX-flavored example without claiming hosted runtime execution.
- Readiness result schemaAssessment result model for automated checks plus manual review evidence.
- Readiness result exampleExample scoring packet with warnings, blockers, and no certification claim.