ACT is an open protocol that lets AI assistants hand off conversation context to websites, so users don't have to repeat themselves.
When a user clicks a link from a Global Agent (e.g., ChatGPT, Gemini, Claude) to a website, the site's Local Agent can pull the conversation context — intent, preferences, constraints — and deliver a personalized experience from the first page load. No cookies, no tracking, no cold start.
User → Global Agent: "Find me a wheelchair-accessible hotel in Paris, under $600/night"
Global Agent → User: "Here's Hotel Deluxe — [View & Book]"
User clicks link → Hotel Deluxe site loads
Hotel Deluxe server → Global Agent: pulls context (intent, constraints, consent token)
Hotel Deluxe → User: page pre-filled with matching suites, dates, accessibility filters
The protocol uses a pull model — the website fetches context server-to-server, no data is embedded in the URL. Sessions are ephemeral, consent is explicit, and no persistent user identifiers are exchanged.
The full proposal is at docs/proposal.md (currently v0.7).
Key sections:
| Section | Topic |
|---|---|
| §3 | Handoff — URL parameters that start a session |
| §4 | Context Retrieval — the pull model and session lifecycle |
| §5 | Feedback Loop — Local Agent reports outcomes back, with safety and size limits |
| §6 | Privacy & Consent — bidirectional consent tokens, security, identity |
Discussion, trade-off analysis, and rationale for proposal changes live in design-log/. See the index for a catalog.
v0.7 — Mandatory server-side redirect (§3.1), feedback safety with prompt-injection guidance (§5.6), size limits on feedback (§5.2), bidirectional consent via feedback_categories (§6.1), threat model scoping (§4.1), reframed "zero-setup" to "low-barrier" adoption (§1).
v0.6 — Consent token structure, session lifecycle phases, feedback authentication.
This is a draft specification. Feedback and contributions are welcome.
TBD