Skip to content

L3 - Capabilities

The Capabilities layer (L3) defines the actions and tools available to agents, providing a structured interface for interacting with external systems and services.


Capabilities are the agent’s “hands” - they enable agents to perform actions beyond pure reasoning. Each capability is a well-defined, validated, and permissioned action that the agent can invoke.


Schema Validation

Input and output schemas ensure type safety and predictability

Permission Model

Declare required permissions for security enforcement

Rate Limiting

Control resource usage and prevent abuse

Error Handling

Graceful degradation and retry mechanisms


{
"id": "capability-uuid",
"name": "web_search",
"version": "1.0.0",
"description": "Search the web for information",
"category": "information_retrieval",
"input_schema": {
"type": "object",
"properties": {
"query": { "type": "string", "minLength": 1 },
"max_results": { "type": "integer", "minimum": 1, "maximum": 20 }
},
"required": ["query"]
},
"output_schema": {
"type": "object",
"properties": {
"results": {
"type": "array",
"items": {
"type": "object",
"properties": {
"title": { "type": "string" },
"url": { "type": "string", "format": "uri" },
"snippet": { "type": "string" }
}
}
}
}
},
"permissions": ["network:read"],
"rate_limit": {
"requests": 100,
"period": "1m"
},
"timeout_ms": 30000,
"retry_policy": {
"max_attempts": 3,
"backoff_multiplier": 2,
"initial_delay_ms": 1000
}
}

RequirementDescription
Input SchemaDeclare and validate all input parameters
Output SchemaDeclare and validate all outputs
Type SafetyEnforce strong typing at runtime
RequirementDescription
Permission DeclarationExplicitly declare required permissions
Permission EnforcementNever exceed declared permissions
Access LoggingLog all capability invocations with trace ID
RequirementDescription
Timeout HandlingImplement configurable timeouts
Retry LogicUse exponential backoff for transient failures
Error HandlingReturn structured errors without leaking internals
CancellationSupport request cancellation

{
"permissions": [
"network:read", // Read from network (HTTP GET, DNS)
"network:write", // Write to network (HTTP POST/PUT)
"filesystem:read", // Read local files
"filesystem:write", // Write local files
"database:read", // Read from database
"database:write", // Write to database
"secrets:read", // Access secret vault
"compute:execute" // Execute compute operations
]
}

{
"rate_limit": {
"requests": 100,
"period": "1m",
"burst": 10
}
}
{
"error": "rate_limit_exceeded",
"message": "Too many requests",
"retry_after_seconds": 42,
"limit": 100,
"remaining": 0,
"reset_at": "2026-01-15T12:05:00Z"
}

{
"capability_id": "web_search",
"parameters": {
"query": "ARAL specification",
"max_results": 10
},
"trace_id": "uuid",
"timeout_ms": 30000
}
{
"success": true,
"result": {
"results": [
{
"title": "ARAL Standard Documentation",
"url": "https://aral-standard.org",
"snippet": "The open standard for AI agent architectures..."
}
]
},
"execution_time_ms": 1234,
"cost_estimate": {
"compute": 0.001,
"network": 0.0005
}
}
{
"success": false,
"error": {
"code": "timeout",
"message": "Request exceeded timeout of 30000ms",
"retryable": true
},
"execution_time_ms": 30000
}

{
"retry_policy": {
"max_attempts": 3,
"backoff_multiplier": 2,
"initial_delay_ms": 1000,
"max_delay_ms": 10000,
"retry_on": ["timeout", "network_error", "rate_limit"]
}
}

Retry Schedule:

  • Attempt 1: immediate
  • Attempt 2: 1000ms delay
  • Attempt 3: 2000ms delay

  1. Define Clear Schemas: Comprehensive input/output validation prevents errors
  2. Declare Minimal Permissions: Follow principle of least privilege
  3. Implement Timeouts: Prevent hanging requests
  4. Use Exponential Backoff: Handle transient failures gracefully
  5. Provide Cost Estimates: Help orchestrators make informed decisions
  6. Log Invocations: Maintain audit trail for debugging
  7. Validate Everything: Check inputs and outputs against schemas

Information Retrieval

Web search, database queries, API calls

Data Processing

Transformation, analysis, aggregation

Communication

Email, chat, notifications

Storage

File operations, database writes



© 2026 IbIFACE — CC BY 4.0