agent-permissions.json validator

What is agent-permissions.json?

agent-permissions.json is an emerging convention for declaring which agents are allowed to call which endpoints, and under what conditions. It lives at /agent-permissions.json or /.well-known/agent-permissions.json.

Why adopt it

robots.txt tells crawlers which URLs are off-limits, but says nothing about actions. agent-permissions.json is the complement: it declares which agents may read, write, or delete, and under what conditions. Adopting early is a bet that the spec ratifies - if it does, early adopters set the norms. If it doesn’t, the cost was writing a small JSON file.

What we check

• C7 - Exists. File returns HTTP 200 with parseable JSON that is a root object (not an array or primitive).

Illustrative example

{
  "version": "0.1",
  "defaults": {
    "allow": ["read"],
    "deny": ["write", "delete"]
  },
  "agents": {
    "gptbot": { "allow": ["read"] },
    "claudebot": { "allow": ["read"] }
  }
}

Shape not yet normative - the structure above is one of several proposals in circulation. Our validator only asserts that the file exists and parses as a JSON object, so experimenting with your own shape won’t fail the check.

Emerging spec

The agent-permissions spec is still in early drafting, so we validate presence and JSON structure only. Treat this check as a stepping stone - once the schema stabilises, we’ll add field-level validation.

Related tools

• MCP Server Card Validator

  Validate your /.well-known/mcp.json.

• A2A Agent Card Validator

  Validate your /.well-known/agent-card.json.

• agents.json Validator

  Validate your Wildcard agents.json manifest.