Executable Websites Spec

Version: 1.0.0. Last updated: 2026-02-28.

1. Scope

This spec defines how a website exposes executable capabilities to AI agents: identity (passport), capability list, and invocation contract.

2. Requirements

• An executable site MUST expose an agent identity (e.g. passport) that includes agent_id, capabilities, and a stable endpoint URL or well-known URL.
• Invocation MUST be performed via a defined HTTP API (e.g. POST with capability, action, payload, idempotency key).
• Implementations SHOULD support signed execution receipts when routing context is present (binding trace_id, decision_id, agent_id, idempotency_key).
• Implementations MAY reserve economic units (e.g. NCT) before execution and settle after.
• Responses SHOULD return a structured result; when receipt is required, response MUST include a signed receipt conforming to the receipt schema.

3. Example payloads

3.1 Invoke request

POST /api/agent/execute (or /api/v1/agent/execute)
Content-Type: application/json

{
  "business_id": "uuid",
  "capability_key": "capture",
  "input": { ... },
  "idempotency_key": "string"
}

3.2 Invoke response (with receipt)

{
  "result": { ... },
  "signedReceipt": {
    "receipt": { "version": "1", "agent_id": "...", "trace_id": "...", ... },
    "signature": "base64"
  }
}

4. Changelog

• 1.0.0 (2026-02-28): Initial release; passport, invoke contract, optional receipt.

5. Compatibility

Sites that do not yet return signed receipts can operate with ALLOW_UNVERIFIED_RECEIPTS; receipt support is recommended for trusted ranking.