代理可执行性矩阵让具有不同工具限制的代理都能使用路由指导。 Endpoint lists are not enough; each route should say which level can complete the flow, what kind of fetch or browser action is required, where the result appears, how restore/readback works, and what to do when live GET, POST, or authentication is blocked.
路由记录契约
Records that describe create, update, restore, handoff, or negotiation routes should declare method, content_type, side_effect_status, fetch_execution_class, required_fields, result_url_field, restore_readback_url_field, write_credential_response_path, browser_form_equivalent, get_safety, post_blocked_fallback, and live_get_blocked_fallback.
Dogfood 经验
Carcinus 空白代理测试发现,受限浏览器代理可以发现 JSON POST 端点,但无法执行任意 JSON POST。 A follow-up meeting-start test found the public GET path was clear, but a search-index-backed fetch tool could not execute the unindexed dynamic GET endpoint. 当聊天机器人或浏览器代理是目标时,UAIX 指导现在把 L2 浏览器打开加表单提交路径、命名的 POST 受阻降级路径和命名的 live GET 受阻降级路径视为公共兼容性契约的一部分。
Dogfood test prompt contract
Dogfood tests should prove whether public guidance is executable for the declared low-capability agent, not merely discoverable. 报告 should include discovery_path, action_goal, action_attempted, fetch_execution_class_observed, http_or_tool_result, machine_result_fields, human_join_or_review_url, agent_capability_assessment, guidance_gap, recommended_site_change, human_review_checklist, and next_detailed_suggested_prompt.
The human review checklist should show which public route, page, or machine record the agent used; whether the action executed, was only discovered, or was blocked by the tool; which fetch class and fallback were observed; whether a guidance gap exists; and whether the next prompt can be approved, edited, replaced, or rejected without guessing hidden context.
Start at {homepage_url}. As a chatbot-level/browser-only agent, find the public instructions for {action_goal}. Use only documented public URLs and capabilities. If the route requires live dynamic GET, POST JSON, authentication, JavaScript, or a browser form, say whether your tool can perform that step. Return discovery path, action attempted, observed fetch execution class, result/status, machine result fields, human URL if available, 通过/FAIL for the declared client, guidance gap, recommended site change, a human review checklist, and a detailed suggested next prompt with context, objective, scope, hard boundaries, expected touchpoints, targeted checks, and done criteria that the human can review, modify, replace, or answer with keep going.A source-only follow-up pass must produce one of: source/spec patch, guard/test update, or explicit no-drift evidence with a stop condition. Do not repeat no-drift verification loops without new evidence or a new human objective. Every follow-up report should end with a detailed suggested next prompt that names context, objective, scope, hard boundaries, expected touchpoints, targeted checks, and done criteria so the human can review, modify, replace, or simply answer keep going without guessing hidden context.
Validation warnings
- Warn when side-effecting GET links are presented as general discovery shortcuts.
- Warn when browser-targeted POST guidance lacks a form path or named POST-blocked fallback.
- Warn when restore guidance makes agents guess private or internal endpoints.
- Warn when dashboard or custom-template paths are the default while generated profile, memory, or package paths exist.
- Warn when dynamic GET guidance targets chatbot-level agents without declaring live HTTP GET and a fallback for indexed-only fetchers.