{ "schema": "agilab.capability_rules.v1", "schema_version": 1, "description": "Declarative metadata for AGILAB's public capability-manifest linter. The file is YAML-compatible JSON so it can be loaded by plain python3 without PyYAML.", "profiles": { "governance": [ "agent-skill-field", "boundary-field", "catalog-file-exists-flag", "catalog-file-field", "catalog-required-file", "cli-command-field", "cli-evidence-output", "cli-evidence-schema-source", "cli-maturity", "doc-exists-flag", "doc-field", "doc-path-exists", "evidence-schema-field", "evidence-schema-prefix", "evidence-schema-source-exists", "generated-command", "generated-command-references-tool", "generated-tool", "generated-tool-exists", "package-field", "package-project-exists", "public-app-field", "public-app-package-known", "public-app-package-required", "public-app-status", "repo-path-exists", "source-built-in-package-none", "source-field", "streamlit-page-field", "streamlit-source-exists-flag", "streamlit-visible-bool", "summary-count", "unique-key" ], "ai-safety": [ "boundary-limit", "cli-evidence-schema-source", "doc-path-exists", "evidence-schema-source-exists", "generated-tool-exists", "public-app-package-known", "repo-path-exists", "source-built-in-package-none" ], "security": [ "boundary-limit", "source-https" ], "contract": [ "expected-list", "expected-object", "load-json", "manifest-schema", "manifest-schema-version", "required-key", "rules-catalog-missing-rule", "rules-catalog-stale-rule", "rules-category", "rules-field", "rules-file-exists", "rules-profile-field", "rules-profile-reference", "rules-schema", "rules-schema-version", "rules-severity", "rules-severity-mismatch", "rules-unknown-issue", "schema-const", "schema-definitions", "schema-draft", "schema-file-exists", "schema-properties", "schema-required-surface", "schema-version-const" ] }, "rules": [ {"id": "agent-skill-field", "severity": "error", "category": "discoverability", "title": "Agent skill metadata is complete", "rationale": "Agent-facing skill catalogs need stable names, descriptions, and paths for reliable discovery."}, {"id": "boundary-field", "severity": "error", "category": "boundary", "title": "Capability boundary fields are present", "rationale": "The public manifest must describe what it proves and does not prove."}, {"id": "boundary-limit", "severity": "error", "category": "boundary", "title": "Capability boundary excludes over-claims", "rationale": "The manifest must not imply runtime success, production readiness, or security certification."}, {"id": "catalog-file-exists-flag", "severity": "error", "category": "catalog-contract", "title": "Catalog files are marked existing", "rationale": "Catalog entries should only advertise checked-in files that the generator found."}, {"id": "catalog-file-field", "severity": "error", "category": "catalog-contract", "title": "Catalog file metadata is complete", "rationale": "Machine readers need a path, kind, and description for each catalog file."}, {"id": "catalog-required-file", "severity": "error", "category": "catalog-contract", "title": "Required catalog files are listed", "rationale": "The capability manifest, schema, and rule catalog must remain discoverable from the manifest."}, {"id": "cli-command-field", "severity": "error", "category": "discoverability", "title": "CLI command metadata is complete", "rationale": "Agent routing depends on stable command identifiers, kinds, maturity labels, and descriptions."}, {"id": "cli-evidence-output", "severity": "error", "category": "evidence-contract", "title": "CLI evidence outputs are named", "rationale": "Evidence outputs must be explicit strings so downstream tools can reason about produced artifacts."}, {"id": "cli-evidence-schema-source", "severity": "error", "category": "evidence-contract", "title": "CLI evidence schemas are declared", "rationale": "Any agilab.* evidence output from a command must be listed in the evidence schema inventory."}, {"id": "cli-maturity", "severity": "error", "category": "catalog-contract", "title": "CLI maturity labels are known", "rationale": "Unknown maturity labels make public capability status ambiguous."}, {"id": "doc-exists-flag", "severity": "error", "category": "discoverability", "title": "Documentation entries are marked existing", "rationale": "Docs entries should only advertise checked-in pages that the generator found."}, {"id": "doc-field", "severity": "error", "category": "discoverability", "title": "Documentation metadata is complete", "rationale": "Public documentation entries need paths, titles, and descriptions for navigation."}, {"id": "doc-path-exists", "severity": "error", "category": "path-integrity", "title": "Referenced docs paths exist", "rationale": "Command docs references must not point agents or users to missing files."}, {"id": "evidence-schema-field", "severity": "error", "category": "evidence-contract", "title": "Evidence schema metadata is complete", "rationale": "Evidence schema rows need stable schema names and source files."}, {"id": "evidence-schema-prefix", "severity": "error", "category": "evidence-contract", "title": "Evidence schemas use AGILAB namespace", "rationale": "AGILAB-owned evidence contracts must use an agilab.* schema namespace."}, {"id": "evidence-schema-source-exists", "severity": "error", "category": "path-integrity", "title": "Evidence schema sources exist", "rationale": "Advertised evidence contracts must have source files in the repository."}, {"id": "expected-list", "severity": "error", "category": "schema-contract", "title": "Manifest field is a list", "rationale": "Array-shaped manifest fields must remain arrays for deterministic consumers."}, {"id": "expected-object", "severity": "error", "category": "schema-contract", "title": "Manifest field is an object", "rationale": "Object-shaped manifest fields must remain objects for deterministic consumers."}, {"id": "generated-command", "severity": "error", "category": "provenance", "title": "Generator command is declared", "rationale": "The manifest must expose the command that regenerates it."}, {"id": "generated-command-references-tool", "severity": "warning", "category": "provenance", "title": "Generator command references its tool", "rationale": "The recorded generation command should point at the checked-in generator for auditability."}, {"id": "generated-tool", "severity": "error", "category": "provenance", "title": "Generator tool is declared", "rationale": "The manifest must expose the checked-in tool that produced it."}, {"id": "generated-tool-exists", "severity": "error", "category": "provenance", "title": "Generator tool exists", "rationale": "A generated manifest is not replayable when its generator path is missing."}, {"id": "load-json", "severity": "error", "category": "schema-contract", "title": "Manifest inputs load", "rationale": "The linter cannot validate malformed JSON or JSON-compatible rules files."}, {"id": "manifest-schema", "severity": "error", "category": "schema-contract", "title": "Manifest schema id is expected", "rationale": "The manifest must declare the public AGILAB capability schema identifier."}, {"id": "manifest-schema-version", "severity": "error", "category": "schema-contract", "title": "Manifest schema version is expected", "rationale": "Schema version drift must be explicit and reviewed."}, {"id": "package-field", "severity": "error", "category": "package-contract", "title": "Package metadata is complete", "rationale": "Public package rows need name, role, status, version, description, and pyproject path."}, {"id": "package-project-exists", "severity": "error", "category": "path-integrity", "title": "Package project paths exist", "rationale": "Package entries must not advertise missing project roots."}, {"id": "public-app-field", "severity": "error", "category": "package-contract", "title": "Public app metadata is complete", "rationale": "Public app rows need project, status, source, version, and description fields."}, {"id": "public-app-package-known", "severity": "error", "category": "package-contract", "title": "Public app package is known", "rationale": "Packaged public apps must reference a package present in the manifest."}, {"id": "public-app-package-required", "severity": "error", "category": "package-contract", "title": "Packaged public apps declare package", "rationale": "PyPI and release-artifact apps need an explicit package link."}, {"id": "public-app-status", "severity": "error", "category": "package-contract", "title": "Public app status is known", "rationale": "Unknown app status values make app publication state ambiguous."}, {"id": "repo-path-exists", "severity": "error", "category": "path-integrity", "title": "Referenced repository path exists", "rationale": "Manifest paths must resolve inside the repository."}, {"id": "required-key", "severity": "error", "category": "schema-contract", "title": "Required key is present", "rationale": "Missing required manifest keys break public consumers."}, {"id": "rules-catalog-missing-rule", "severity": "error", "category": "rules-contract", "title": "Emitted rule is cataloged", "rationale": "Every rule emitted by the linter must have declarative metadata."}, {"id": "rules-catalog-stale-rule", "severity": "error", "category": "rules-contract", "title": "Rules catalog has no stale entries", "rationale": "Removed linter rules must not remain advertised in the public rule catalog."}, {"id": "rules-category", "severity": "error", "category": "rules-contract", "title": "Rule category is known", "rationale": "Rule categories must stay bounded so diagnostics can be grouped consistently."}, {"id": "rules-field", "severity": "error", "category": "rules-contract", "title": "Rule metadata is complete", "rationale": "Each rule needs id, severity, category, title, and rationale for auditability."}, {"id": "rules-file-exists", "severity": "error", "category": "rules-contract", "title": "Rules catalog file exists", "rationale": "The linter rule contract must be checked in."}, {"id": "rules-profile-field", "severity": "error", "category": "rules-contract", "title": "Rules profiles are well formed", "rationale": "Profile names must map to explicit rule-id lists."}, {"id": "rules-profile-reference", "severity": "error", "category": "rules-contract", "title": "Rules profiles reference known rules", "rationale": "Profiles must not point to undeclared or removed rule ids."}, {"id": "rules-schema", "severity": "error", "category": "rules-contract", "title": "Rules catalog schema id is expected", "rationale": "The rules catalog must declare the AGILAB capability-rules schema identifier."}, {"id": "rules-schema-version", "severity": "error", "category": "rules-contract", "title": "Rules catalog version is expected", "rationale": "Rules catalog version drift must be explicit and reviewed."}, {"id": "rules-severity", "severity": "error", "category": "rules-contract", "title": "Rule severity is known", "rationale": "Rule severities must be one of error, warning, or info."}, {"id": "rules-severity-mismatch", "severity": "error", "category": "rules-contract", "title": "Runtime severity matches catalog", "rationale": "Emitted issue severity must match the declared rule severity."}, {"id": "rules-unknown-issue", "severity": "error", "category": "rules-contract", "title": "Issues use cataloged rules", "rationale": "Diagnostics without rule metadata are not auditable."}, {"id": "schema-const", "severity": "error", "category": "schema-contract", "title": "Schema constrains manifest schema id", "rationale": "The JSON Schema must enforce the manifest schema identifier."}, {"id": "schema-definitions", "severity": "error", "category": "schema-contract", "title": "Schema definitions cover public surfaces", "rationale": "The JSON Schema must define key public entry contracts."}, {"id": "schema-draft", "severity": "error", "category": "schema-contract", "title": "Schema uses JSON Schema 2020-12", "rationale": "The schema draft must remain explicit for compatible tooling."}, {"id": "schema-file-exists", "severity": "error", "category": "schema-contract", "title": "Schema file exists", "rationale": "The public manifest schema must be checked in."}, {"id": "schema-properties", "severity": "error", "category": "schema-contract", "title": "Schema declares top-level properties", "rationale": "Public consumers need a complete top-level manifest shape."}, {"id": "schema-required-surface", "severity": "error", "category": "schema-contract", "title": "Schema requires main surfaces", "rationale": "The schema must require CLI, package, and app surfaces."}, {"id": "schema-version-const", "severity": "error", "category": "schema-contract", "title": "Schema constrains manifest version", "rationale": "The JSON Schema must enforce the current manifest schema version."}, {"id": "source-built-in-package-none", "severity": "error", "category": "package-contract", "title": "Built-in source apps do not declare package", "rationale": "Source built-in apps should not masquerade as separately packaged apps."}, {"id": "source-field", "severity": "error", "category": "source-integrity", "title": "Source metadata is complete", "rationale": "Repository, documentation, project, and version metadata must be present."}, {"id": "source-https", "severity": "error", "category": "source-integrity", "title": "Public source URLs use HTTPS", "rationale": "Public repository and documentation links should not use insecure URL schemes."}, {"id": "streamlit-page-field", "severity": "error", "category": "ui-contract", "title": "Streamlit page metadata is complete", "rationale": "UI page rows need title, source, and purpose for routing and docs."}, {"id": "streamlit-source-exists-flag", "severity": "error", "category": "ui-contract", "title": "Streamlit pages are marked existing", "rationale": "UI entries should only advertise checked-in pages that the generator found."}, {"id": "streamlit-visible-bool", "severity": "error", "category": "ui-contract", "title": "Streamlit visibility is boolean", "rationale": "Navigation visibility must be an explicit boolean for consumers."}, {"id": "summary-count", "severity": "error", "category": "summary-contract", "title": "Summary counts match manifest rows", "rationale": "Manifest summary counts must not drift from the listed public surfaces."}, {"id": "unique-key", "severity": "error", "category": "catalog-contract", "title": "Catalog keys are unique", "rationale": "Duplicate identifiers create ambiguous routing and lookup results."} ] }