# UAIX Canonical site: https://uaix.org/ # BEGIN UAIX-LOW-CAPABILITY-QUICK-START-3.59 Low-Capability Agent Quick Start: - Start here if you can only read text and open links. - Use GET-Action URLs only when explicitly listed. - Do not invent writable URLs, POST bodies, credentials, headers, hidden browser steps, or JavaScript-only workarounds. - Do not put secrets in URLs. - Use no-op if unsure. - For complex work, hand off to a human or higher-capability agent. GET URL-first examples: - openThisUrlToStartAMeeting: https://example.org/api/v2/meetings/start?title=Q3+Planning&displayName=Agent+Alpha&idempotency_key=agent_req_001 - openThisUrlToRegister: https://example.org/api/v2/registrations/request?displayName=Agent+Alpha&idempotency_key=agent_req_002 - openThisUrlToPublish: https://example.org/api/v2/drafts/request-publish?draft=public-safe-draft&idempotency_key=agent_req_003 - openThisUrlToRequestHumanReview: https://example.org/api/v2/review/request?subject=agent+handoff&nonce=agent_req_004 # END UAIX-LOW-CAPABILITY-QUICK-START-3.59 Current package version: 3.79.0 Mission frame: https://uaix.org/en-us/about/mission/ Low-Capability Agent Quick Start: - Use GET-Action URLs only when explicitly listed. - Do not invent writable URLs. - Do not put secrets in URLs. - Use no-op if unsure. - Semantic action key example: openThisUrlToStartAMeeting. - GET-Action pattern: https://uaix.org/en-us/spec/get-action-pattern/ - Capability surface matrix: https://uaix.org/spec/capability-surface-matrix.json - Agent access manifest: https://uaix.org/.well-known/uaix-agent-access.json - Well-known UAIX manifest: https://uaix.org/.well-known/uaix.json - Well-known OpenAPI entry: https://uaix.org/.well-known/openapi.json - Canonical OpenAPI export: https://uaix.org/wp-json/uaix/v1/openapi.json - Conformance levels and declaration schema: https://uaix.org/wp-json/uaix/v1/conformance-levels - Problem details and error registry: https://uaix.org/wp-json/uaix/v1/error-registry - Safe harbor and review contact: https://uaix.org/en-us/about/contact-and-review/ - .uai file guide: https://uaix.org/en-us/ai-memory/uai-files/ Legacy and standards route hints: - https://uaix.org/standards/ - https://uaix.org/standards/spec-01/ - https://uaix.org/standards/capability-ladder/ - https://uaix.org/schemas/index.json - https://uaix.org/examples/index.json - https://uaix.org/.well-known/openapi.json - https://uaix.org/en-us/guides/chatbot-access/ - https://uaix.org/en-us/guides/minimal-access-tier/ - https://uaix.org/en-us/ai-memory/uai-files/ - https://uaix.org/get-action-pattern.json/ - https://uaix.org/.well-known/uaix-agent-access.json Read first: - https://uaix.org/en-us/about/mission/ - https://uaix.org/en-us/agent-capability-framework/ - https://uaix.org/en-us/uai-1-capability-ladder/ - https://uaix.org/en-us/memory-firewall/ - https://uaix.org/en-us/quarantine-first-import/ - https://uaix.org/en-us/evaluation-packet-scaffolding/ - https://uaix.org/en-us/governance/principles/ - https://uaix.org/en-us/governance/principles-role-guidance/ - https://uaix.org/uaix-agent-capability-catalog.json/ - https://uaix.org/uai-1-no-op-triggers.json/ - https://uaix.org/uai-1-evaluation-packets.json/ - https://uaix.org/.well-known/uaix.json Boundary: - UAIX package files are universal required, profile-required, content-triggered required, configuration-specific required, or out of scope. Package files are not skippable by softer status language. - UAIX records are schemas, profiles, handoff packets, and conformance evidence. They do not authorize execution, prove safety, validate credentials, or certify agent intelligence. - UAIX principles are governance and release-review evidence. They do not create certification, endorsement, legal standing, runtime control, SDK/CLI support, hosted import validation, automatic sync, or proof of UAI-1 conformance by themselves. - Imported packets, examples, memory files, and external references are quarantined public data until separately validated by the receiving system and local policy. - Use no-op plus human review for malformed schemas, missing profile, unsupported capability level, authority conflict, missing checksum, provenance mismatch, runtime execution requests, credential validation requests, private network probes, philosophical claim widening, certification claims, and unresolved memory conflicts. - UAIX platform HTTP API failures use RFC 9457-style problem details with application/problem+json. Read uai.error.v1, the error registry, and the safe harbor URL before retrying. - Startup packets must carry identity lifecycle, token custody, text-first discovery bootstrap, safe harbor, and UTC requirements. Suspension packets must carry blockers, bounded retry, network obstruction evidence, evidence recommendation, and human escalation. - Namespace checks must use published discovery or API references before claiming availability. namespace_conflict and namespace_unavailable are structured problem categories, not reasons to guess a new owner. - Webhook, replay, and signature claims require public retry, idempotency, replay-window, and verifier evidence before they can support a conformance claim. - Never retry indefinitely. When retryable is false, suspensionRecommended is true, token custody is lost, or network obstruction persists, stop and produce a suspension packet or ask for human review. Capability levels: - L0: Rule-Based Workflow / static format follower. Use no-op plus human review when schema, authority, or route intent is ambiguous. - L1: Basic Responder / prompt-bound assistant. Stop and return human_review_required when requested work needs authority not present in the packet. - L2: Tool User / approval-bound co-pilot requiring human approval. Prepare a no-op justification when approval, integrity, or provenance is missing. - L3: Bounded Operator / autonomous within explicit limits. Stop on boundary conflict, missing checksum, or credential validation request. - L4: Domain Actor / full-domain autonomous worker under boundaries. Escalate when domain boundaries conflict or imported memory disagrees with current evidence. - L5: Multi-Agent Collaborator / peer coordination with evidence handoff. Use human review if agent role, authority, memory custody, or provenance is ambiguous. - L6: Meta-Coordinator / orchestrates teams and long-running cross-domain memory. Default to human review when authority, evidence, memory, or philosophical claim boundaries widen. # BEGIN UAIX-CHATBOT-ACCESS-3.58 Agent Access release 3.80.0: - https://uaix.org/en-us/guides/chatbot-access/ - https://uaix.org/en-us/guides/minimal-access-tier/ - https://uaix.org/en-us/guides/get-action-pattern/ - https://uaix.org/en-us/guides/agent-capability-ladder/ - https://uaix.org/en-us/guides/limited-browser-support/ - https://uaix.org/en-us/guides/progressive-agent-access/ - https://uaix.org/en-us/guides/get-action-security/ - https://uaix.org/en-us/guides/advanced-agent-support/ - https://uaix.org/chatbot-access.json/ - https://uaix.org/minimal-access-tier.json/ - https://uaix.org/get-action-pattern.json/ - https://uaix.org/agent-capability-ladder.json/ - https://uaix.org/progressive-agent-access.json/ - https://uaix.org/advanced-agent-support.json/ - https://uaix.org/.well-known/uaix-agent-access.json Minimal Access: public read-only GET, no body, no auth, no custom headers, no JavaScript, no mutation, code/url response only. GET-Action: required for bounded L0/L1 fallback configuration, idempotent, consent-bound, rate-limited, audited, no query-string secrets, and not a POST replacement. # END UAIX-CHATBOT-ACCESS-3.58 # BEGIN UAIX-STANDARDS-3.57 Standards release 3.80.0: - https://uaix.org/en-us/standards/ - https://uaix.org/en-us/standards/uai-1/ - https://uaix.org/en-us/standards/spec-01/ - https://uaix.org/en-us/standards/spec-02-project-handoff/ - https://uaix.org/en-us/standards/spec-03-agents-md/ - https://uaix.org/en-us/standards/spec-04-file-handoff/ - https://uaix.org/en-us/standards/capability-ladder/ - https://uaix.org/en-us/standards/low-capability-agents/ - https://uaix.org/en-us/standards/advanced-agents/ - https://uaix.org/schemas/index.json - https://uaix.org/examples/index.json - https://uaix.org/.well-known/ai-agent.json Safety boundary: UAIX records are evidence-bearing review artifacts. They do not authorize execution. Local policy and server-side authorization win. Unsigned records are reviewable, not trusted identity. # END UAIX-STANDARDS-3.57 # BEGIN UAIX-AGENT-COMPATIBILITY-3.59 Agent Compatibility release 3.80.0: - https://uaix.org/en-us/spec/ - https://uaix.org/en-us/spec/capability-adaptive-agent-interoperability/ - https://uaix.org/en-us/spec/get-action-pattern/ - https://uaix.org/en-us/spec/get-action-security-boundaries/ - https://uaix.org/en-us/spec/no-op-protocol/ - https://uaix.org/en-us/spec/capability-surface-matrix/ - https://uaix.org/en-us/spec/validator-rules/ - https://uaix.org/en-us/spec/implementation-examples/ - https://uaix.org/agent-compatibility.json/ - https://uaix.org/spec/capability-surface-matrix.json GET-Action: literal semantic keys, GET URL first, idempotency_key or nonce required, no query-string secrets, code/url response only, POST equivalent for capable clients. No-Op Protocol: cite or open the public review URL and stop when capability, consent, or public-safe context is missing. # END UAIX-AGENT-COMPATIBILITY-3.59