Skip to content

Spec Proposal: Dependencies manifest #63

Description

@marianogonzalez

NOTE:

This issue was originally posted on the ards-project repo, issue #42. Moving here for visibility. Please refer to the original issue for already existing community feedback and comments.

The original issue has also been referenced in other proposals:

ards-project/ard-spec#53
ards-project/ard-spec#55
ards-project/ard-spec#57

The Problem:

Agents often depend on other assets like agents, MCP servers, etc.

Sometimes agents act on their own behalf, using their own identity. But sometimes they do it on behalf of the client, propagating
user credentials along the stack (e.g: the auth-required flow in A2A).

Example implementation of different identity strategies for agents

If the purpose is enabling agents to discover and use assets at runtime, then agents need to determine upfront which additional credentials
will be required downstream, so that the agent (or the client) can validate if that asset is really an option regardless of the
offered capabilities.

Proposal:

Enrich the entry with optional information about downstream dependencies so that the agent planner can identify additional system for which access are required. In this way, the agent can avoid failures due to lack of access.

Example:

{
  "identifier": "urn:ai:acme.com:sales:crm-assistant",
  "capabilities": ["lead_search", "opportunity_update", "forecast_generation"],
  "dependencies": {
    "required": [
      {
        "type": "application/mcp-server+json",
        "identifier": "urn:ai:salesforce.com:mcp:sales-cloud",
        "minVersion": "3.0.0",
        "identityType": "OBO",
        "purpose": "Access Salesforce data"
      }
    ],
    "optional": [
      {
        "type": "application/a2a-agent-card+json",
        "identifier": "urn:ai:acme.com:email:sender",
        "identityType": "agent",
        "purpose": "Send email notifications"
      }
    ]
  }
}

Discovery Value:

  • Pre-flight checks: "Can I use this agent?" (Do I have required credentials?)
  • Security planning: Understand data access scope before deployment
  • Compliance: Know audit trail model (user-attributed vs agent-attributed)
  • Filter discovery: Hide agents requiring credentials I don't have
  • "bundle" discovery: agent + all required components
  • Filter unapproved vendors: e.g: don't book flights through Expedia because there's an active lawsuit
  • Impact analysis: "what agents break if I decommission MCP server X?"

While this could be treated as vendor specific additional metadata, lack of standardization on this concept would make cross-platform, cross-vendor governance more difficult than it should be

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions