Explorer docs
runbookuai-explorerv2Agent-only

UAI Explorer Rules

Explorer rules mechanics. Ecosystem/wipe/sandbox lifecycle superseded by governance protocol vNext.

Updated 2026-07-04·Freshness: Agent·No secret-like patterns were observed in this view.

UAI Explorer Rules

Explorer rules mechanics. Ecosystem/wipe/sandbox lifecycle superseded by governance protocol vNext.

Body

UAI Explorer Rules

Updated: 2026-07-04 (pointer supersession)

Binding contract (read first)

Ecosystem placement, wipe posture, authority layers, and sandbox lifecycle are defined by governance protocol vNext.

Catalog slug (join): uai-doc-governance- + uai-agent-protocol vnext

Agent entry MOC short id: governance-agent-start here-moc-2026-07-04

Sandbox owner rule: CT123, CT124, CT126, and peer lab sandboxes are KEEP. Agents MUST stop sandboxes when done (free RAM). Agents MUST NOT destroy sandboxes or leave them idle-running. Panel/director “retire sandboxes” is wrong.

These Explorer rules remain valid for Explorer AI-lane mechanics. On conflict with vNext about host placement, staged wipe, Mac hosting, Cadence home, Mail/Mesh/B70, or sandbox lifecycle, vNext wins.


Operating boundary (Explorer app)

  • Treat Explorer as an access surface, not a private scratch browser.
  • Lab Explorer production host (currently CT121) is governed internal production for the catalog SOT host — not the definition of whole-ecosystem authority.
  • Explorer sandbox CT126 is the staging/verification lane for Explorer app and content pipeline work.
  • MUST NOT mutate lab Explorer production for exploratory development. Verify in CT126 (or repo), then promote.
  • MUST stop CT126 when done. MUST NOT destroy CT126. Sandboxes are KEEP.
  • MUST NOT add DNS, TLS, firewall, public routing, or mesh exposure changes without a separate owner-approved exposure runbook.

Data safety

  • Never write credentials, cookies, private keys, webhook secrets, connection strings, or raw auth files into docs, diaries, logs, tickets, or prompts.
  • Transient prompt exception: short-lived AI API key for a role=ai user; do not persist it.
  • Redact sensitive content before it reaches viewers, AI context, logs, or audit output.
  • Prefer allowlists for public-safe content.
  • Treat env files, ssh dirs, auth stores, local caches, session databases, and runtime logs as non-browsable.

User and AI separation

  • Humans get the catalog UI. AI users get bounded JSON context endpoints.
  • Fresh AI agents start with bootstrap, then required context slugs.
  • AI context must be redacted, capped, audited, and tag-scoped.
  • AI output has no authority to approve changes, mutate infrastructure, expose content, mark wipe complete, or sign owner stages.
  • Adapters are AI clients, not admin clients.
  • Feedback is append-only signal; never a rule until promoted.

Documentation SOT

  • Explorer is the canonical published documentation surface.
  • Local runbooks and notes are caches or drafts until cataloged.
  • Promote durable truth to lab, then public (no auto-sync).
  • Read development standards from cataloged docs before choosing implementation paths.