LocalEndpoint
Metadata-onlyNo public command dispatch Browser-local validationNo upload intake Private runtime stays localNo localhost probing Invited distributionChecksum-backed artifacts

Phase 2.46 / v1.5.65

UAIX Manifest Validation

UAIX manifest validation keeps agent-facing metadata structured, inspectable, and explicit.

Know what LocalEndpoint does Validate an Endpoint Manifest

UAIX validation

Agent-readable does not mean agent-authorized.

UAIX manifest validation turns local endpoint metadata into inspectable fields for humans and agents while keeping runtime permission outside the public website.

01 / Schema Endpoint fields are explicit

Allowed operations, denied operations, input limits, output shape, and evidence policy are visible before trust.

02 / Envelope Agent context is wrapped

UAI-style envelopes describe package identity, route context, and public boundaries without granting control.

03 / Conformance Validation proves shape

Conformance records help software compare fields and transport bindings; they do not prove runtime safety.

04 / Handoff Local approval comes later

Future desktop workflows can consume metadata only after a person reviews it on their machine.

Manifest airlock

Metadata passes inspection before it can ask for trust.

The airlock makes agent-facing metadata useful without making it powerful: parse the manifest, compare fields, wrap context, export a receipt, then leave runtime approval to the local desktop surface.

  1. 01Parse manifest

    Read declared operations, denied operations, limits, output shape, and evidence policy.

  2. 02Compare fields

    Match the manifest against the public field registry and conformance expectations.

  3. 03Wrap context

    Envelope metadata can describe route context without becoming a control channel.

  4. 04Export receipt

    Validation results become browser-local evidence a person can inspect later.

  5. 05Hold authority

    Execution, credentials, localhost access, and desktop commands wait for local approval.

Airlock rule Readable metadata Inspectable fields Portable receipt Authority withheld
SchemaEndpoint manifest schema

Required endpoint fields and evidence policy for local capability declarations.

 EnvelopeUAI envelope example

Machine-readable context with runtime authority explicitly outside the public site.

 ConformanceConformance pack

Reviewable shape checks for UAI-style metadata and validation expectations.

 FieldsField registry

Named metadata fields agents can inspect without receiving local authority.

 TransportTransport bindings

Transport metadata that describes shape without opening a runtime channel.

 WorkbenchBrowser validator

Validate in the tab and export a receipt without upload intake or localhost probing.
UAIX contract Fields before trust Validation before runtime Runtime authority false Local approval later
Inspect

Fields must be explicit

Required metadata helps agents reason about allowed operations, denied operations, and evidence policy.

Field registry
Validate

Shape before trust

A valid envelope shows metadata shape; it does not prove runtime safety or authorize execution.

Validate locally
Handoff

Local approval comes later

Future desktop workflows can consume metadata after a person reviews it locally.

Desktop boundary

Operating boundary

Public clarity, local authority.

This public site is static metadata and does not dispatch desktop commands, probe localhost, upload files, collect telemetry, request credentials, or claim runtime safety certification.