{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"hn-47235632","slug":"agent-action-protocol-aap-mcp-got-us-started-but-i","name":"Agent Action Protocol (AAP) – MCP got us started, but is insufficient","type":"mcp","url":"https://github.com/agentactionprotocol/aap/","page_url":"https://unfragile.ai/agent-action-protocol-aap-mcp-got-us-started-but-i","categories":["mcp-servers"],"tags":["hackernews","show-hn"],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"hn-47235632__cap_0","uri":"capability://tool.use.integration.agent.action.schema.definition.and.validation","name":"agent-action-schema-definition-and-validation","description":"Defines a standardized schema for agent actions that extends beyond MCP's limitations by supporting stateful action chains, conditional branching, and multi-step workflows. Uses a declarative JSON/YAML schema format that agents can parse to understand action preconditions, postconditions, side effects, and rollback semantics. Validates action payloads against the schema before execution to prevent malformed requests from reaching tools.","intents":["Define what actions an agent can take with explicit contracts about inputs, outputs, and state changes","Ensure agents don't attempt invalid action sequences by validating preconditions before execution","Enable agents to understand action dependencies and side effects without trial-and-error","Create reusable action definitions that work across multiple agent implementations"],"best_for":["teams building multi-agent systems where action contracts must be explicit and enforceable","developers migrating from MCP who need richer action semantics than request-response pairs","organizations requiring audit trails and rollback capabilities for agent actions"],"limitations":["Schema complexity grows with stateful workflows — no built-in optimization for deeply nested conditional branches","Validation overhead adds latency per action (~50-200ms depending on schema complexity)","No native support for async action chains — requires external orchestration for long-running operations","Schema versioning and migration between versions requires manual handling"],"requires":["JSON or YAML parser compatible with the AAP schema specification","Agent runtime with schema validation middleware","Explicit action registry or service discovery mechanism"],"input_types":["JSON schema definitions","YAML action manifests","structured action payloads"],"output_types":["validation results (pass/fail with error details)","action execution results with state deltas","audit logs of action attempts and outcomes"],"categories":["tool-use-integration","planning-reasoning"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_1","uri":"capability://automation.workflow.multi.step.action.orchestration.with.state.tracking","name":"multi-step-action-orchestration-with-state-tracking","description":"Orchestrates sequences of actions where later actions depend on state changes from earlier ones, tracking state mutations across the action chain. Implements a state machine pattern where each action declares what state it reads and writes, allowing the orchestrator to detect conflicts, serialize access, and enable rollback. Supports conditional branching based on action results without requiring the agent to re-plan between steps.","intents":["Execute multi-step workflows where each step depends on the previous step's output","Prevent race conditions when multiple agents or action branches modify shared state","Automatically rollback failed action sequences to a known good state","Enable agents to branch execution paths based on action results without replanning"],"best_for":["agents performing database transactions or API orchestration requiring ACID-like guarantees","multi-agent systems where actions must be serialized to prevent state corruption","workflows requiring automatic rollback on failure (e.g., infrastructure provisioning, payment processing)"],"limitations":["State tracking adds memory overhead proportional to action chain depth","Rollback only works for actions that explicitly declare their state mutations — legacy tools require adapters","No distributed transaction support — state must be centralized or use eventual consistency patterns","Circular dependencies in action state requirements will deadlock the orchestrator"],"requires":["State store (in-memory, Redis, or database) accessible to the orchestrator","Actions must declare read/write sets in their schema","Rollback handlers for each action type"],"input_types":["action sequences with dependency declarations","state snapshots","conditional branch predicates"],"output_types":["final state after all actions complete","execution trace with state deltas per action","rollback confirmation if failure occurs"],"categories":["automation-workflow","planning-reasoning"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_10","uri":"capability://automation.workflow.action.versioning.and.backward.compatibility.management","name":"action-versioning-and-backward-compatibility-management","description":"Manages multiple versions of actions simultaneously, enabling agents to use different versions based on their requirements or capabilities. Implements a versioning scheme where actions declare their version and breaking changes, and the orchestrator routes requests to compatible versions. Supports gradual migration from old to new action versions without breaking existing agents.","intents":["Update action implementations without breaking agents using older versions","Support multiple action versions for gradual migration","Enable agents to opt-in to new action versions when ready","Maintain backward compatibility while evolving action schemas"],"best_for":["systems with long-lived agents that can't be updated immediately","large deployments where coordinated updates are impractical","APIs with strict backward compatibility requirements"],"limitations":["Version management adds complexity — must maintain multiple action implementations","Routing to correct version adds latency (~10-50ms depending on version resolution)","Deprecation of old versions requires coordination with all agents using them","No automatic migration path — agents must explicitly opt-in to new versions"],"requires":["version management system (semantic versioning or custom)","action registry that tracks multiple versions","version resolution logic in orchestrator"],"input_types":["action requests with optional version specification","version compatibility metadata"],"output_types":["action execution using compatible version","version mismatch errors if no compatible version exists"],"categories":["automation-workflow","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_11","uri":"capability://automation.workflow.action.observability.and.distributed.tracing","name":"action-observability-and-distributed-tracing","description":"Instruments action execution with distributed tracing to track request flow across multiple actions and agents, capturing latency, dependencies, and error paths. Implements OpenTelemetry-compatible tracing where each action execution generates spans with metadata (inputs, outputs, duration, status), enabling visualization of action chains and performance analysis. Correlates traces across agents to understand multi-agent workflows.","intents":["Debug slow action sequences by identifying bottleneck actions","Understand dependencies between actions by examining trace graphs","Monitor agent performance and detect regressions","Correlate errors across multiple agents in a workflow"],"best_for":["complex multi-agent systems where understanding action flow is critical","performance-sensitive systems where latency optimization is important","debugging production issues in distributed agent systems"],"limitations":["Tracing adds overhead per action (~20-100ms depending on trace backend)","Trace storage grows with action volume — requires retention policies","Trace correlation requires propagating trace IDs across agents — adds complexity","Sensitive data in traces must be redacted — requires custom sanitization"],"requires":["OpenTelemetry SDK or compatible tracing library","trace backend (Jaeger, Datadog, New Relic, or custom)","trace propagation mechanism (context headers, environment variables)"],"input_types":["action execution events with trace context","trace queries and filters"],"output_types":["trace spans with metadata","trace visualizations and flame graphs"],"categories":["automation-workflow","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_12","uri":"capability://automation.workflow.action.testing.and.simulation.framework","name":"action-testing-and-simulation-framework","description":"Provides a testing framework for validating action behavior in isolation and in composition, supporting unit tests, integration tests, and simulation of action sequences. Implements mock actions for testing without external dependencies, and a simulation engine that replays action sequences to verify correctness. Supports property-based testing to verify action invariants.","intents":["Test action implementations before deploying to production","Verify action compositions work correctly without executing real actions","Simulate agent workflows to find bugs before runtime","Validate action error handling and recovery strategies"],"best_for":["teams developing complex action compositions that must be reliable","systems where action failures have high cost (financial, safety-critical)","continuous integration pipelines that must validate actions before deployment"],"limitations":["Mock actions may not accurately simulate real action behavior — gaps between test and production","Simulation is deterministic but real execution may have timing-dependent bugs","Property-based testing requires defining invariants — not all action properties are easily expressible","Test coverage of action compositions grows exponentially with composition depth"],"requires":["testing framework (pytest, Jest, or custom)","mock action implementations","simulation engine"],"input_types":["action definitions","test cases with inputs and expected outputs","action composition definitions"],"output_types":["test results (pass/fail)","simulation traces","coverage reports"],"categories":["automation-workflow","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_2","uri":"capability://automation.workflow.action.result.streaming.and.progressive.feedback","name":"action-result-streaming-and-progressive-feedback","description":"Streams action results back to the agent and client in real-time rather than waiting for full completion, enabling progressive feedback loops where agents can react to partial results. Implements a streaming protocol that emits intermediate state changes, progress indicators, and error signals as they occur, allowing agents to make early decisions (e.g., cancel a long-running action if intermediate results are unsatisfactory).","intents":["Get real-time feedback from long-running actions without blocking the agent","Allow agents to cancel or modify actions based on intermediate results","Provide users with progress visibility into multi-step workflows","Enable agents to react to errors as they occur rather than waiting for full failure"],"best_for":["agents controlling long-running processes (data pipelines, infrastructure provisioning, batch jobs)","interactive systems where users need visibility into agent progress","systems requiring early termination of actions based on intermediate signals"],"limitations":["Streaming adds complexity to error handling — partial results may be inconsistent if action fails mid-stream","Requires bidirectional communication channel (WebSocket, gRPC, or similar) — not compatible with simple HTTP request-response","Agent must implement logic to handle out-of-order or duplicate stream events","Memory overhead for buffering stream events if client is slower than producer"],"requires":["bidirectional communication protocol (WebSocket, gRPC, Server-Sent Events, or similar)","agent implementation that can handle streaming results and make decisions mid-stream","action implementations that emit progress events"],"input_types":["action requests with streaming preference flags","cancellation signals from agent or client"],"output_types":["streaming event sequence (progress, intermediate results, errors)","final result summary after stream closes"],"categories":["automation-workflow","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_3","uri":"capability://tool.use.integration.action.capability.discovery.and.negotiation","name":"action-capability-discovery-and-negotiation","description":"Enables agents to discover available actions and their capabilities at runtime through a capability registry, negotiating which actions are available based on agent permissions, resource constraints, and runtime conditions. Implements a service discovery pattern where actions advertise their requirements (e.g., API keys, resource limits, dependencies) and the registry matches agent capabilities to available actions. Supports dynamic capability updates when new tools are registered or permissions change.","intents":["Discover what actions are available to an agent without hardcoding action lists","Ensure agents only attempt actions they have permission to execute","Adapt available actions based on runtime constraints (e.g., rate limits, resource availability)","Enable new tools to be added to the system without redeploying agents"],"best_for":["multi-tenant systems where different agents have different action permissions","dynamic environments where tools are added/removed at runtime","large action spaces where hardcoding action lists is impractical"],"limitations":["Registry lookup adds latency per agent startup (~100-500ms depending on registry size)","Capability negotiation logic can become complex with many constraints — no built-in optimization","No caching strategy for capability discovery — repeated lookups hit the registry","Permission model must be defined separately — AAP provides no built-in RBAC"],"requires":["capability registry service (in-memory, database, or distributed)","agent runtime that queries registry on startup or periodically","permission/constraint model defined for your domain"],"input_types":["agent identity/credentials","resource constraints","capability query filters"],"output_types":["list of available actions with full schemas","capability metadata (permissions, resource requirements, dependencies)"],"categories":["tool-use-integration","memory-knowledge"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_4","uri":"capability://automation.workflow.action.error.handling.and.recovery.strategies","name":"action-error-handling-and-recovery-strategies","description":"Defines declarative error handling strategies in action schemas, specifying how agents should respond to different failure modes (retry with backoff, fallback to alternative action, escalate to human, etc.). Implements a recovery pattern where actions declare their failure modes and the orchestrator automatically applies the appropriate recovery strategy without requiring agent-level error handling logic.","intents":["Automatically retry failed actions with exponential backoff without agent intervention","Define fallback actions to execute if primary action fails","Escalate unrecoverable errors to humans or monitoring systems","Prevent agents from getting stuck on transient failures"],"best_for":["agents controlling critical infrastructure where transient failures are common","systems requiring automatic recovery without human intervention","multi-agent systems where error handling must be consistent across agents"],"limitations":["Recovery strategies are declarative but not adaptive — no learning from repeated failures","Retry logic assumes idempotent actions — non-idempotent actions may cause side effects on retry","Escalation requires external system integration (monitoring, ticketing) — not built-in","Circular fallback chains (A falls back to B, B falls back to A) must be detected manually"],"requires":["action schemas with error handling strategy declarations","orchestrator that implements retry/fallback/escalation logic","external systems for escalation (monitoring, alerting, ticketing)"],"input_types":["action execution results with error details","error handling strategy from action schema"],"output_types":["recovery action execution (retry, fallback, escalation)","final result after recovery attempt"],"categories":["automation-workflow","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_5","uri":"capability://safety.moderation.action.audit.logging.and.compliance.tracking","name":"action-audit-logging-and-compliance-tracking","description":"Automatically logs all action executions with full context (who initiated, what action, inputs, outputs, state changes, timestamp) to an immutable audit trail. Implements a logging middleware that captures action lifecycle events (requested, started, completed, failed) and stores them in a format suitable for compliance audits, forensic analysis, and debugging. Supports filtering and querying the audit log by agent, action type, time range, or outcome.","intents":["Create an immutable record of all agent actions for compliance and auditing","Debug agent behavior by replaying action sequences","Investigate security incidents by examining who did what and when","Generate compliance reports showing action history for regulated systems"],"best_for":["regulated industries (finance, healthcare, government) requiring action audit trails","security-sensitive systems where agent actions must be traceable","debugging complex multi-agent systems where understanding action history is critical"],"limitations":["Audit logging adds I/O overhead per action (~50-200ms depending on storage backend)","Immutable audit logs grow unbounded — requires retention policies and archival strategy","Sensitive data in action inputs/outputs must be redacted before logging — requires custom sanitization","Querying large audit logs can be slow without proper indexing"],"requires":["persistent storage for audit logs (database, append-only log, or distributed ledger)","logging middleware integrated into action orchestrator","query interface for audit log retrieval"],"input_types":["action execution events (request, start, complete, fail)","agent identity and context"],"output_types":["audit log entries with full context","audit log queries and reports"],"categories":["safety-moderation","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_6","uri":"capability://safety.moderation.agent.permission.and.resource.quota.enforcement","name":"agent-permission-and-resource-quota-enforcement","description":"Enforces fine-grained permissions and resource quotas at the action execution layer, preventing agents from executing unauthorized actions or exceeding resource limits. Implements a policy engine that evaluates agent credentials against action requirements before execution, and tracks resource consumption (API calls, compute time, memory) against per-agent quotas. Blocks execution if permissions are insufficient or quotas are exceeded.","intents":["Prevent agents from executing actions they don't have permission for","Limit resource consumption per agent to prevent runaway execution","Enforce rate limits on external API calls made through actions","Implement multi-tenant isolation where agents in different tenants can't access each other's actions"],"best_for":["multi-tenant systems where strict isolation between agents is required","systems with expensive external API integrations that must be rate-limited","security-sensitive environments where least-privilege access is mandatory"],"limitations":["Permission checking adds latency per action (~20-100ms depending on policy complexity)","Quota tracking requires shared state — distributed quota enforcement is complex","Permission model must be defined separately — AAP provides no built-in RBAC framework","Resource consumption tracking is approximate — precise accounting requires instrumentation of all actions"],"requires":["permission/credential system (OAuth, API keys, JWT, or custom)","policy engine for evaluating permissions","quota tracking store (in-memory, Redis, or database)","resource instrumentation in actions"],"input_types":["agent credentials/identity","action request with resource requirements","permission policies"],"output_types":["permission check result (allow/deny with reason)","quota status (remaining quota, exceeded)"],"categories":["safety-moderation","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_7","uri":"capability://automation.workflow.action.composition.and.macro.definition","name":"action-composition-and-macro-definition","description":"Enables defining composite actions (macros) that are sequences of primitive actions with control flow, allowing agents to invoke high-level workflows as single actions. Implements a composition language where macros declare their inputs, outputs, and internal action sequences, and the orchestrator expands macros into primitive actions at execution time. Supports conditional branching, loops, and error handling within macros.","intents":["Define reusable multi-step workflows as single actions that agents can invoke","Reduce agent planning complexity by abstracting common action sequences","Enable non-technical users to define workflows without modifying agent code","Compose actions from other actions to build higher-level capabilities"],"best_for":["systems with common multi-step workflows that multiple agents need to execute","organizations where non-technical users need to define workflows","reducing agent planning complexity by providing high-level abstractions"],"limitations":["Macro expansion adds latency per invocation (~50-200ms depending on macro complexity)","Debugging macro execution is harder than debugging primitive actions — requires trace expansion","Circular macro definitions (A calls B, B calls A) must be detected and prevented","Macro composition depth is limited by orchestrator stack depth — deeply nested macros may fail"],"requires":["macro definition language (YAML, JSON, or DSL)","macro registry and expansion engine","orchestrator that handles macro expansion"],"input_types":["macro definitions with action sequences","macro invocation with inputs"],"output_types":["expanded action sequence","macro execution result"],"categories":["automation-workflow","planning-reasoning"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_8","uri":"capability://automation.workflow.cross.agent.action.coordination.and.synchronization","name":"cross-agent-action-coordination-and-synchronization","description":"Enables multiple agents to coordinate on shared actions and synchronize their execution, preventing race conditions and ensuring consistent ordering. Implements a coordination protocol where agents can request locks on shared resources, wait for other agents to complete actions, or synchronize on barriers. Supports distributed consensus for coordinated decision-making across agents.","intents":["Prevent multiple agents from executing conflicting actions on shared resources","Synchronize multi-agent workflows where later steps depend on earlier agents' actions","Implement distributed transactions across multiple agents","Coordinate agents in a swarm to achieve collective goals"],"best_for":["multi-agent systems where agents must coordinate on shared resources","distributed systems requiring consensus across agents","swarm robotics or collective intelligence systems"],"limitations":["Coordination adds latency and complexity — agents must wait for locks/barriers","Deadlock is possible if agents hold locks while waiting for other locks — requires careful design","Distributed consensus is slow and requires quorum — not suitable for high-frequency coordination","No built-in leader election — requires external mechanism to designate coordinator"],"requires":["distributed lock service (Redis, etcd, or custom)","coordination protocol (2-phase commit, Raft, or custom)","agent runtime that implements coordination primitives"],"input_types":["lock requests with resource identifiers","barrier synchronization requests","consensus proposals"],"output_types":["lock acquisition/release confirmation","barrier reached confirmation","consensus decision"],"categories":["automation-workflow","planning-reasoning"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"hn-47235632__cap_9","uri":"capability://automation.workflow.action.result.caching.and.memoization","name":"action-result-caching-and-memoization","description":"Caches action results based on inputs to avoid re-executing identical actions, implementing a memoization layer that stores results keyed by action type and input hash. Supports cache invalidation strategies (TTL, event-based, manual) and cache warming for frequently-used actions. Enables agents to reuse results from previous executions without re-running expensive operations.","intents":["Avoid re-executing expensive actions with identical inputs","Speed up agent execution by reusing cached results","Reduce load on external services by caching their responses","Enable offline execution by serving cached results when services are unavailable"],"best_for":["agents executing expensive actions (API calls, database queries, ML inference) repeatedly","systems with high cache hit rates where memoization provides significant speedup","offline-first systems where cached results enable continued operation"],"limitations":["Cache invalidation is hard — stale results may be served if invalidation strategy is wrong","Cache storage overhead grows with action diversity — requires eviction policies","Cache coherency is complex in distributed systems — requires cache invalidation protocol","Caching non-deterministic actions (e.g., random number generation) produces incorrect results"],"requires":["cache store (in-memory, Redis, or database)","cache key generation strategy (input hashing)","cache invalidation policy (TTL, event-based, manual)"],"input_types":["action requests with inputs","cache invalidation signals"],"output_types":["cached result if hit, or action execution result if miss","cache metadata (hit/miss, age)"],"categories":["automation-workflow","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":38,"verified":false,"data_access_risk":"high","permissions":["JSON or YAML parser compatible with the AAP schema specification","Agent runtime with schema validation middleware","Explicit action registry or service discovery mechanism","State store (in-memory, Redis, or database) accessible to the orchestrator","Actions must declare read/write sets in their schema","Rollback handlers for each action type","version management system (semantic versioning or custom)","action registry that tracks multiple versions","version resolution logic in orchestrator","OpenTelemetry SDK or compatible tracing library"],"failure_modes":["Schema complexity grows with stateful workflows — no built-in optimization for deeply nested conditional branches","Validation overhead adds latency per action (~50-200ms depending on schema complexity)","No native support for async action chains — requires external orchestration for long-running operations","Schema versioning and migration between versions requires manual handling","State tracking adds memory overhead proportional to action chain depth","Rollback only works for actions that explicitly declare their state mutations — legacy tools require adapters","No distributed transaction support — state must be centralized or use eventual consistency patterns","Circular dependencies in action state requirements will deadlock the orchestrator","Version management adds complexity — must maintain multiple action implementations","Routing to correct version adds latency (~10-50ms depending on version resolution)","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.36,"quality":0.35,"ecosystem":0.46,"match_graph":0.25,"freshness":0.6,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.15,"match_graph":0.23,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-06-17T09:51:04.692Z","last_scraped_at":"2026-05-04T08:09:59.925Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=agent-action-protocol-aap-mcp-got-us-started-but-i","compare_url":"https://unfragile.ai/compare?artifact=agent-action-protocol-aap-mcp-got-us-started-but-i"}},"signature":"bnFe4DsZRSkYC1bm77Lo2Y0bQVLO0fccdpjskDEumBQJzag1pK0c5FeDooOVEsjz8Z8Le552+pGjhBnVAfgsDw==","signedAt":"2026-06-22T08:27:53.437Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/agent-action-protocol-aap-mcp-got-us-started-but-i","artifact":"https://unfragile.ai/agent-action-protocol-aap-mcp-got-us-started-but-i","verify":"https://unfragile.ai/api/v1/verify?slug=agent-action-protocol-aap-mcp-got-us-started-but-i","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}