LocalEndpoint
Metadata-onlyNo public command dispatch Browser-local validationNo upload intake Private runtime stays localNo localhost probing Invited distributionChecksum-backed artifacts

Phase 3.442 / v1.5.207

Guided intake

Use guided intake to collect public-safe context before validation, desktop review, developer integration, or evidence handoff. The result is local review material, not runtime authority.

Open browser validator Review Desktop

Guided intake

Ask more up front. Keep authority local.

Guided intake gathers the context needed for the right next safe action without uploading private files, probing localhost, collecting credentials, enabling telemetry, dispatching commands, hosting inference, or granting runtime authority.

No upload intake No localhost probing No credential request No telemetry No public command dispatch No runtime authority
HumanUnderstand safety and decide whether to proceed. DeveloperInspect schemas, route indexes, examples, and quality gates. AI AgentRead public structure and stop before authority. Desktop ReviewerVerify artifact identity and move approval local.
Role routing

Start with who is here and what they need.

The first answer routes the visitor to a safe next action instead of showing every technical detail at once.

Show public-safe questions
  • Which role is using this site: Human, Developer, AI Agent, or Desktop Reviewer?
  • Which task is active: understand, validate metadata, download Desktop, inspect routes, review evidence, or prepare an invited tester handoff?
  • Is this personal use, invited testing, developer integration, or release review?
Show denied intake
  • Do not infer authority from role selection.
  • Do not ask an AI Agent to act beyond read-only route discovery and evidence review.
Endpoint declaration

Ask for public-safe shape, not private substance.

The intake can collect purpose, category, transport expectation, consent shape, and data-sensitivity posture without collecting raw endpoint material.

Show public-safe questions
  • Endpoint display name and one-sentence purpose.
  • Endpoint category: local app, local service, model runtime, tool bridge, documentation route, validator route, or evidence route.
  • Transport expectation: NamedPipe, Loopback127001, file handoff, package artifact, browser-only validation, or documentation-only route.
  • Consent shape: human approval, desktop approval, local receipt, read-only route, or blocked until review.
  • Data sensitivity level: public metadata, redacted evidence, private local-only data, or credential-bearing data.
Show denied intake
  • Do not request passwords, tokens, API keys, cookies, certificates, or recovery phrases.
  • Do not request raw private endpoint logs, raw prompts, generated private text, private filenames, private network addresses, or customer names.
  • Do not scan, fetch, or probe localhost, 127.0.0.1, private networks, named pipes, or desktop command routes.
Manifest validation

Treat a green receipt as review input only.

The browser can inspect manifest shape and redaction posture, then produce a local receipt for the reviewer.

Show public-safe questions
  • Does a manifest already exist?
  • Is the manifest public-safe, redacted, or local-only?
  • Which schema is Required For this manifest?
  • Which fields must remain local-only?
  • Is validation for learning, developer integration, invited testing, or desktop handoff?
Show denied intake
  • A browser receipt is review input; runtime authority stays outside browser validation.
  • Do not say validation is certification, command approval, marketplace approval, or signing proof.
Desktop readiness

Bind review to the current artifact identity.

Desktop readiness intake displays the current version, phase, SHA-256, public signing state, distribution posture, and remaining gates from canonical release metadata.

Show public-safe questions
  • Current Desktop artifact: LocalEndpoint.Connect.App-0.2.126.0-phase3442-local-model-source-path-policy-smoke-msix-test.zip.
  • Current Desktop SHA-256: 635d411b11b1332dc8337771854507b60e23c9e9f94ca417cc3778ba17f1d6da.
  • Is the user reviewing an invited tester install?
  • Has the checksum been compared?
  • Has release evidence been reviewed?
  • Is the system GPU-capable, without GPU support, or uncertain?
Show denied intake
  • Do not claim broad public distribution while public signing is false.
  • Do not claim runtime safety certification.
.uaix package context

Ask what the agent package requires.

LocalEndpoint Desktop loads `.uaix` packages locally; the public site can collect public-safe context for the reviewer.

Show public-safe questions
  • Is the work about a `.uaix` package?
  • What agent type is the package for?
  • Confirm that persona.uai is present because it is Required For All LocalEndpoint Desktop Packages.
  • Which `.uai` memory files are Required For this agent type?
  • Does the package need command execution capability, local model execution, wiki memory, or evidence-only review?
Show denied intake
  • Do not ask the public site to import, expand, or run `.uaix` packages.
  • Do not describe `.uai` files with discretionary language; use Required For {purpose}.
Wiki, model, and command context

Ask enough for Desktop review without activating execution.

The intake can collect review intent for wiki memory roots, model readiness, and command capability while keeping execution local and owner-scoped.

Show public-safe questions
  • Is wiki memory shared across loaded `.uaix` agents or isolated to one agent profile?
  • Is the memory root under Documents for backup-friendly copying?
  • Is the local model path CPU-only, GPU-capable, or blocked until evidence?
  • Is command execution capability Required For this agent type?
  • Which local approval and audit receipt is Required For any command run?
Show denied intake
  • Do not read the wiki from the public site.
  • Do not load models from the browser.
  • Do not dispatch commands from the public site.
Evidence handoff

End with the next safe action.

The intake result routes the reviewer to validation, Desktop, developer routes, FAQ, or the Evidence Ledger with explicit non-claims.

Show public-safe questions
  • Which evidence is needed: manifest receipt, checksum receipt, desktop smoke review, package-feed review, quality gates, route consistency, or accessibility review?
  • Who is the reviewer: human owner, developer, AI agent, desktop reviewer, or release reviewer?
  • Which artifact belongs in the Evidence Ledger?
  • Which non-claims must be shown beside the evidence?
Show denied intake
  • Do not hide failed or pending gates.
  • Do not convert evidence into certification.

More information prompt packet

Ask the missing context before the route changes.

These prompts collect role, endpoint authority, `.uaix` package memory, model posture, command capability, evidence target, and issue-report context while keeping the public site metadata-only.

Required For routing a visitor without exposing private material.

Situation snapshot

Capture enough context to choose the right safe route before validation, download, developer review, or evidence work.

Show questions this prompt asks
  • What are you trying to accomplish in one or two sentences?
  • Which role is answering: human owner, developer, AI agent, desktop reviewer, release reviewer, or invited tester?
  • Which current state applies: learning, preparing a manifest, checking a Desktop artifact, reviewing evidence, or reporting a deployed-site drift?
  • What is the deadline or reason this needs review now?
Show denied material
  • Do not include private customer names, private file paths, credentials, tokens, or raw endpoint output.
  • Do not ask the public site to decide approval or execute work.

Next safe route

Required For separating documentation, validation, Desktop approval, and local runtime authority.

Endpoint authority map

State what the endpoint represents, what authority it must never receive from the public site, and where approval belongs.

Show questions this prompt asks
  • What public-safe endpoint type is being described: documentation route, validation route, local app, local service, model runtime, tool bridge, or evidence route?
  • What actions would this endpoint perform only after Desktop approval?
  • What actions must remain blocked from the browser and from AI-agent route discovery?
  • Which approval owner is Required For local use?
Show denied material
  • Do not provide localhost URLs, private network addresses, named-pipe names, command strings, or live service probes.
  • Do not describe browser validation as command approval or runtime approval.

Next safe route

Required For Desktop package review and portable agent handoff.

.uaix and memory package map

Identify the agent package, persona, memory files, wiki root, and copy/backup posture in public-safe terms.

Show questions this prompt asks
  • What agent type does the `.uaix` package serve?
  • Confirm that `persona.uai` is present because it is Required For All LocalEndpoint Desktop Packages.
  • Which `.uai` files are Required For this agent type or workflow?
  • Should wiki memory be shared across packages or isolated to this loaded agent?
  • Is the wiki root intended to live under Documents for backup-friendly copying?
Show denied material
  • Do not upload `.uaix`, `.uai`, or wiki files to the public site.
  • Do not include private wiki page content, raw prompts, generated text, or private filenames.

Next safe route

Required For deciding whether the next review belongs in Desktop, runtime evidence, or human docs.

Model and hardware posture

Describe model readiness and hardware needs without exposing local model files or pretending the website can run inference.

Show questions this prompt asks
  • Is a local model already reviewed by Desktop, newly downloaded, converted, blocked, or still being researched?
  • Which execution posture is needed: CPU compatibility, GPU compatibility, both GPU and no-GPU compatibility, or evidence-only review?
  • Which public-safe model format label applies: GGUF, safetensors-conversion-needed, ONNX, or unknown?
  • Which evidence is available: SHA-256, byte count, sidecar review, hardware-fit review, worker payload review, or smoke result?
Show denied material
  • Do not upload model files or disclose private local paths.
  • Do not claim actual GPU inference unless accepted runtime device-use evidence exists.

Next safe route

Required For owner-scoped command execution settings in Desktop.

Command capability review

Capture why command execution capability is needed while keeping command dispatch closed from the public website.

Show questions this prompt asks
  • Is command execution capability Required For this agent type?
  • Which command category is being reviewed: file management, build/test, deployment packaging, diagnostics, or evidence generation?
  • Which local approval, audit receipt, and revocation path is Required For a command run?
  • Which commands or command categories must remain blocked?
Show denied material
  • Do not paste command strings that should run on the local machine.
  • Do not ask the public site to dispatch, queue, approve, or simulate desktop commands.

Next safe route

Required For deciding whether this is invited testing, package verification, or a blocked release gate.

Distribution and evidence target

Route the tester toward checksum review, evidence ledger review, download readiness, or a blocked gate explanation.

Show questions this prompt asks
  • Who will use the artifact: owner, directly known tester, developer, AI agent reviewer, or release reviewer?
  • Which artifact identity must be checked: site package, direct-overwrite package, Desktop test ZIP, NuGet package, or evidence JSON?
  • Which gate is being checked: checksum, signing, accessibility, clean-machine validation, certification evidence, package-feed publication, or route consistency?
  • Which non-claim must appear beside the evidence?
Show denied material
  • Do not claim broad public distribution while public signing is false.
  • Do not claim certification, marketplace approval, or runtime safety without accepted evidence.

Next safe route

Required For turning a tester observation into a safe repair path.

Issue report and next action

Collect deployment, UI, validation, package, or runtime symptoms in a redacted way and route to the right evidence surface.

Show questions this prompt asks
  • What did you expect to happen?
  • What happened instead, described without private data?
  • Which public route, package filename, version, phase, or checksum was visible?
  • Which next safe action should happen: validate, inspect developer routes, review Desktop, check evidence, or repair deployment?
Show denied material
  • Do not include secrets, private logs, raw prompts, generated private text, or screenshots containing credentials.
  • Do not treat issue intake as approval to connect, execute, or probe.

Next safe route

Copy-safe prompt

Use this when the intake needs more context.

The prompt packet asks for enough detail to route the work while explicitly rejecting secrets, private files, command strings, local addresses, raw prompts, generated private text, and model uploads.

LocalEndpoint guided intake prompt

Answer only with public-safe, redacted metadata. Do not include credentials, private files, raw prompts, generated private text, localhost targets, private network addresses, command strings, or model files.

1. Situation snapshot (Required For routing a visitor without exposing private material.): What are you trying to accomplish in one or two sentences? Which role is answering: human owner, developer, AI agent, desktop reviewer, release reviewer, or invited tester? Which current state applies: learning, preparing a manifest, checking a Desktop artifact, reviewing evidence, or reporting a deployed-site drift? What is the deadline or reason this needs review now?

2. Endpoint authority map (Required For separating documentation, validation, Desktop approval, and local runtime authority.): What public-safe endpoint type is being described: documentation route, validation route, local app, local service, model runtime, tool bridge, or evidence route? What actions would this endpoint perform only after Desktop approval? What actions must remain blocked from the browser and from AI-agent route discovery? Which approval owner is Required For local use?

3. .uaix and memory package map (Required For Desktop package review and portable agent handoff.): What agent type does the `.uaix` package serve? Confirm that `persona.uai` is present because it is Required For All LocalEndpoint Desktop Packages. Which `.uai` files are Required For this agent type or workflow? Should wiki memory be shared across packages or isolated to this loaded agent? Is the wiki root intended to live under Documents for backup-friendly copying?

4. Model and hardware posture (Required For deciding whether the next review belongs in Desktop, runtime evidence, or human docs.): Is a local model already reviewed by Desktop, newly downloaded, converted, blocked, or still being researched? Which execution posture is needed: CPU compatibility, GPU compatibility, both GPU and no-GPU compatibility, or evidence-only review? Which public-safe model format label applies: GGUF, safetensors-conversion-needed, ONNX, or unknown? Which evidence is available: SHA-256, byte count, sidecar review, hardware-fit review, worker payload review, or smoke result?

5. Command capability review (Required For owner-scoped command execution settings in Desktop.): Is command execution capability Required For this agent type? Which command category is being reviewed: file management, build/test, deployment packaging, diagnostics, or evidence generation? Which local approval, audit receipt, and revocation path is Required For a command run? Which commands or command categories must remain blocked?

6. Distribution and evidence target (Required For deciding whether this is invited testing, package verification, or a blocked release gate.): Who will use the artifact: owner, directly known tester, developer, AI agent reviewer, or release reviewer? Which artifact identity must be checked: site package, direct-overwrite package, Desktop test ZIP, NuGet package, or evidence JSON? Which gate is being checked: checksum, signing, accessibility, clean-machine validation, certification evidence, package-feed publication, or route consistency? Which non-claim must appear beside the evidence?

7. Issue report and next action (Required For turning a tester observation into a safe repair path.): What did you expect to happen? What happened instead, described without private data? Which public route, package filename, version, phase, or checksum was visible? Which next safe action should happen: validate, inspect developer routes, review Desktop, check evidence, or repair deployment?

End with the next safe route and the non-claims that must stay visible beside the evidence.

Local receipt shape

The output is review material, not permission.

The browser can produce a copied or downloaded local receipt. The public website does not store it, submit it, or treat it as approval.

{
  "kind": "localendpoint.guided-intake.receipt.v1",
  "role": "Desktop Reviewer",
  "nextSafeAction": "/download/",
  "publicBoundary": {
    "uploadIntake": false,
    "localhostProbing": false,
    "credentialRequest": false,
    "telemetry": false,
    "publicCommandDispatch": false,
    "runtimeAuthority": false
  },
  "desktopArtifact": {
    "version": "0.2.126.0",
    "phase": "Phase 3.442",
    "sha256": "635d411b11b1332dc8337771854507b60e23c9e9f94ca417cc3778ba17f1d6da",
    "publicDistributionSigned": false
  }
}
Open browser validator Read intake guidance JSON Open full evidence ledger

Operating boundary

Public clarity, local authority.

This public site is static metadata and does not dispatch desktop commands, probe localhost, upload files, collect telemetry, request credentials, or claim runtime safety certification.