UAI Explorer Rules
Explorer rules mechanics. Ecosystem/wipe/sandbox lifecycle superseded by governance protocol vNext.
Body
UAI Explorer Rules
Updated: 2026-07-04 (pointer supersession)
Binding contract (read first)
Ecosystem placement, wipe posture, authority layers, and sandbox lifecycle are defined by governance protocol vNext.
Catalog slug (join): uai-doc-governance- + uai-agent-protocol vnext
Agent entry MOC short id: governance-agent-start here-moc-2026-07-04
Sandbox owner rule: CT123, CT124, CT126, and peer lab sandboxes are KEEP. Agents MUST stop sandboxes when done (free RAM). Agents MUST NOT destroy sandboxes or leave them idle-running. Panel/director “retire sandboxes” is wrong.
These Explorer rules remain valid for Explorer AI-lane mechanics. On conflict with vNext about host placement, staged wipe, Mac hosting, Cadence home, Mail/Mesh/B70, or sandbox lifecycle, vNext wins.
Operating boundary (Explorer app)
- Treat Explorer as an access surface, not a private scratch browser.
- Lab Explorer production host (currently CT121) is governed internal production for the catalog SOT host — not the definition of whole-ecosystem authority.
- Explorer sandbox CT126 is the staging/verification lane for Explorer app and content pipeline work.
- MUST NOT mutate lab Explorer production for exploratory development. Verify in CT126 (or repo), then promote.
- MUST stop CT126 when done. MUST NOT destroy CT126. Sandboxes are KEEP.
- MUST NOT add DNS, TLS, firewall, public routing, or mesh exposure changes without a separate owner-approved exposure runbook.
Data safety
- Never write credentials, cookies, private keys, webhook secrets, connection strings, or raw auth files into docs, diaries, logs, tickets, or prompts.
- Transient prompt exception: short-lived AI API key for a role=ai user; do not persist it.
- Redact sensitive content before it reaches viewers, AI context, logs, or audit output.
- Prefer allowlists for public-safe content.
- Treat env files, ssh dirs, auth stores, local caches, session databases, and runtime logs as non-browsable.
User and AI separation
- Humans get the catalog UI. AI users get bounded JSON context endpoints.
- Fresh AI agents start with bootstrap, then required context slugs.
- AI context must be redacted, capped, audited, and tag-scoped.
- AI output has no authority to approve changes, mutate infrastructure, expose content, mark wipe complete, or sign owner stages.
- Adapters are AI clients, not admin clients.
- Feedback is append-only signal; never a rule until promoted.
Documentation SOT
- Explorer is the canonical published documentation surface.
- Local runbooks and notes are caches or drafts until cataloged.
- Promote durable truth to lab, then public (no auto-sync).
- Read development standards from cataloged docs before choosing implementation paths.