Capability mapping
Map a real-world ability into a hosted capability.
CHP starts with the thing someone or something can do. This map turns that ability into a host boundary, policy boundary, invocation trace, manifest shape, and result.
A good map proves
- +The actor is named before the capability is invoked.
- +The host owns lifecycle, version, availability, and evidence.
- +The permission and policy state are explicit before execution.
- +The result is concrete enough for another host, agent, or application to compose.
Capability map
Start with the real-world ability.
Protocol readiness
Defined protocol outcome- PassActor named
Caller identity is visible before invocation.
- PassCapability identifier
Published as schedule_technician.
- PassHost identity
HostDescriptor.id will be serviceopshost.
- PassCapability version
Version compatibility can be checked before invocation.
- PassPermission requirement
Permission is machine-readable and can be enforced.
- PassInvocation context
The payload names the context the capability needs.
- PassConcrete result
The caller can reason about the expected result.
- PassDescription quality
The manifest explains the capability to independent callers.
- PassLifecycle state
The host can expose this capability as invokable.
- Protocol outcomePolicy outcome
Approval-required capabilities should pause or deny before execution.
CHP notation
[Planning Agent] -> {schedule_technician} @ ServiceOpsHost | manager_approval | job_context -> Confirmed Appointment
Invocation trace
- 01 Actor
Planning Agent
- 02 Capability
schedule_technician
- 03 Host
ServiceOpsHost
- 04 Policy
manager_approval
- 05 Context
job_context
- 06 Result
Confirmed Appointment
Find an available qualified technician and reserve a service window.
Policy boundary
Approval requiredmanager_approval
service:dispatch governs whether Planning Agent can invoke schedule_technician.
Mapped host
ServiceOpsHost
AvailableA host publishes capability identity, lifecycle, version, entitlement metadata, and policy before callers invoke it.
Find an available qualified technician and reserve a service window.
{
"id": "serviceopshost",
"version": "0.1.0",
"protocol_version": "0.1",
"kind": "service",
"capabilities": [
{
"id": "schedule_technician",
"version": "1.0.0",
"description": "Find an available qualified technician and reserve a service window.",
"status": "experimental",
"modes": [
"sync"
],
"emits": [
"execution_started",
"execution_completed",
"execution_denied",
"execution_skipped"
],
"policy": {
"risk_tier": "high",
"auth_required": true,
"approval_required": true,
"allowed_actors": [
"Planning Agent"
]
},
"metadata": {
"required_permissions": [
"service:dispatch"
],
"lifecycle": "invokable",
"policy_state": "approval_required",
"policy_rule": "manager_approval"
}
}
],
"evidence": {
"store": "local-append-only",
"append_only": true
}
}{
"invocation_id": "inv_schedule_technician_map",
"capability_id": "schedule_technician",
"version": "1.0.0",
"mode": "sync",
"correlation": {
"correlation_id": "map-001"
},
"subject": {
"id": "Planning Agent",
"required_permissions": [
"service:dispatch"
]
},
"payload": {
"context": "job_context",
"requested_result": "Confirmed Appointment"
},
"requested_at": "2026-06-16T15:14:20.000Z"
}{
"invocation_id": "inv_schedule_technician_map",
"capability_id": "schedule_technician",
"capability_version": "1.0.0",
"correlation": {
"correlation_id": "map-001"
},
"outcome": "denied",
"success": false,
"data": null,
"error": null,
"denial": {
"code": "approval_required",
"message": "manager_approval must approve before execution.",
"retryable": true,
"details": {
"policy": "manager_approval"
}
},
"evidence_ids": [
"evt_map_execution_denied"
],
"started_at": null,
"completed_at": "2026-06-16T15:14:22.104Z"
}Next step
Turn the map into a reference host.
Once the boundary is named, implement the capability, verify the host, and test the denial and unavailable paths before treating it as a public protocol surface.