๐Ÿšง Working Draft โ€” agentrc v0.1 is an evolving specification draft, not a finished standard. Expect breaking changes. Changelog โ†’
View Markdown

Runner Conformance

Status: Working Draft
Version: 0.1.0-draft.4

Purpose

This profile describes what a runner must do if it claims compatibility with agentrc packages.

agentrc itself is not the runner. This profile exists so independent runtimes, clouds, CLIs, or sandboxes can state what level of agentrc support they provide.

Required disclosure

A runner SHOULD publish a support statement containing:

  1. supported Agentfile version;
  2. supported directives;
  3. supported policy profiles;
  4. supported credential backends;
  5. supported isolation/backing substrate, if any;
  6. supported audit/export formats;
  7. unsupported directives and failure behavior;
  8. known security limitations.

Core requirements

A runner claiming agentrc Runner Profile conformance MUST:

  1. read an agentrc package or Agentfile source;
  2. validate the Agentfile or fail with a diagnostic;
  3. resolve and verify the lockfile where present;
  4. execute CMD or fail with unsupported entrypoint;
  5. enforce supported security boundaries;
  6. fail closed on unsupported required security boundaries;
  7. resolve credentials only at runtime;
  8. redact credential values;
  9. emit audit records when required;
  10. expose effective support/limits to the operator.

Runner is not the spec

A runner may use any substrate:

local process
container
Docker
containerd
gVisor-style sandbox
microVM
Kubernetes job
serverless worker
managed cloud agent runtime
SSH remote runner
framework-native adapter

The substrate does not change the Agentfile semantics.

Placement directives

ISOLATION, IMAGE, SLICE, PLUGIN, and BACKEND are treated as requested runner capabilities. A portable package SHOULD avoid hard-coding placement unless necessary.

A future companion document may define a separate run manifest for placement.