{
  "title": "UAIX Agent Executability Matrix",
  "status": "active",
  "package_version": "3.84.0",
  "release_date": "2026-06-10",
  "last_updated_utc": "2026-06-10T00:00:00Z",
  "human_page": "https://uaix.org/en-us/spec/agent-executability-matrix/",
  "canonical_url": "https://uaix.org/spec/agent-executability-matrix.json",
  "dogfood_failure": "The Carcinus blank-agent test showed that correct machine-readable endpoint discovery is not enough when a browser-limited agent cannot execute arbitrary JSON POST.",
  "levels": [
    {
      "level": "L0",
      "label": "Read-only route discovery",
      "agent_ability": "Can open public URLs and read static text.",
      "executable_requirement": "Publish static HTML, sitemap, llms.txt, and public GET records that name the next public URL or no-op review URL."
    },
    {
      "level": "L1",
      "label": "Machine-readable manifest/schema discovery",
      "agent_ability": "Can fetch compact JSON manifests and schemas.",
      "executable_requirement": "Identify safe-read records, capability limits, unsupported actions, and diagnostic routes without implying write authority."
    },
    {
      "level": "L2",
      "label": "Browser-open plus form submission",
      "agent_ability": "Can use visible browser pages and submit ordinary forms, but cannot send arbitrary JSON POST.",
      "executable_requirement": "Publish a browser form or browser-open workflow for browser-targeted writes, or publish a no-op/human-review fallback."
    },
    {
      "level": "L3",
      "label": "Structured HTTP JSON POST",
      "agent_ability": "Can send structured HTTP JSON POST with content type and body.",
      "executable_requirement": "Publish method, content type, required fields, result URL field, restore/readback URL field, and structured error behavior."
    },
    {
      "level": "L4",
      "label": "Authenticated owned mutation",
      "agent_ability": "Can use an owner write token or secret under explicit handling rules.",
      "executable_requirement": "Publish credential handling, write-token response path, idempotency, audit, expiry, and secret boundaries."
    },
    {
      "level": "L5",
      "label": "Restore/readback verification",
      "agent_ability": "Can verify that a create or update flow produced a durable public-safe result.",
      "executable_requirement": "Expose a public-safe restore or readback route so another agent can verify the result without guessing private endpoints."
    },
    {
      "level": "L6",
      "label": "Multi-agent handoff/reporting",
      "agent_ability": "Can create or consume handoff/reporting records across agents.",
      "executable_requirement": "Publish task history, owner, role, final report, blocker/no-op behavior, and public-safe evidence records."
    },
    {
      "level": "L7",
      "label": "Site-specific capability negotiation",
      "agent_ability": "Can negotiate site-specific capabilities and select the matching route.",
      "executable_requirement": "Publish capability negotiation, browser fallback, POST fallback, and unsupported-operation response."
    }
  ],
  "route_record_required_fields": [
    "method",
    "content_type",
    "side_effect_status",
    "required_fields",
    "result_url_field",
    "restore_readback_url_field",
    "write_credential_response_path",
    "browser_form_equivalent",
    "get_safety",
    "post_blocked_fallback"
  ],
  "validation_warnings": [
    {
      "id": "side_effecting_get_discovery_warning",
      "severity": "warning",
      "rule": "Warn when a side-effecting GET link is presented as a general discovery shortcut."
    },
    {
      "id": "browser_form_fallback_required",
      "severity": "warning",
      "rule": "Warn when POST-only guidance targets browser agents but provides no browser-form fallback."
    },
    {
      "id": "restore_readback_required",
      "severity": "warning",
      "rule": "Warn when create or update guidance lacks a restore/readback URL and makes agents guess private endpoints."
    },
    {
      "id": "dashboard_default_path_warning",
      "severity": "warning",
      "rule": "Warn when dashboard or custom-template paths are presented as the default while generated profile, memory, or package paths exist."
    },
    {
      "id": "post_blocked_fallback_required",
      "severity": "warning",
      "rule": "Warn when a POST path omits the fallback behavior for agents that cannot execute arbitrary JSON POST."
    }
  ],
  "route_record_example": {
    "route": "/api/v2/agent/bootstrap",
    "method": "POST",
    "content_type": "application/json",
    "side_effect_status": "creates-public-resource",
    "required_fields": [
      "identity",
      "activationPrompt",
      "operatingProfile"
    ],
    "result_url_field": "urls.publicHtml",
    "restore_readback_url_field": "urls.restoreProfile",
    "write_credential_response_path": "bot.writeToken",
    "browser_form_equivalent": "/profile-microsite",
    "get_safety": "GET diagnostics only; not side-effecting",
    "post_blocked_fallback": "Use the browser form path or return human_review_required with a public help URL."
  },
  "support_boundary": "UAIX records executable guidance, capability boundaries, validation warnings, and handoff evidence. Agent runtimes execute elsewhere."
}