AIP-02: Capability Model

Defines the hierarchical capability system governing all execution authority.

Capabilities MUST follow: category.subcategory.action

Examples:

Every tool invocation MUST declare its required capability.
Capabilities MUST be validated before execution.
Capability validation MUST precede policy evaluation for a given tool call.
Unspecified capabilities MUST default to DENY.
Capability escalation MUST NOT occur implicitly.
Capability registry updates MUST be versioned and auditable.
Capability names MUST remain backward compatible; deprecated capabilities MUST remain resolvable.
Implementations SHOULD support capability scoping (domain, workspace, environment).

Capability boundaries define explicit authority limits and reduce ambiguity about delegated authority.