Cabin Crew Protocol

The Universal Interface for Agentic Work - A vendor-neutral, Apache 2.0 standard for orchestrating, governing, and auditing autonomous AI agents.

Cabin Crew Protocol

The Universal Interface for Agentic Work

A vendor-neutral, Apache 2.0 standard for orchestrating, governing, and auditing autonomous AI agents.

The Fragmentation Problem

Every AI Agent framework (LangChain, AutoGPT, CrewAI) has its own way of defining tasks, handling secrets, and logging outputs. This makes it impossible for Enterprises to build a single, unified Governance Layer. You cannot audit what you cannot standardize.

The Protocol Solution

The Cabin Crew Protocol treats every Agent as a Stateless Engine. It abstracts away the complexity of the model, the language, and the framework, leaving a clean interface for Input (Context) and Output (Evidence).

The Core Lifecycle (Plan / Govern / Apply)

To ensure safety, the Protocol forbids "Fire and Forget" execution. Every Engine must implement a strict two-phase commit architecture:

1. Flight Plan (Read-Only)

The Engine runs in a safe mode. It calculates intent, generates Artifacts (Diffs, Plans, Drafts), and prepares state, but executes no side effects on the target system.

2. Pre-Flight Check (Governance)

The Orchestrator pauses execution. It feeds the generated Artifacts into the Policy Engine (OPA). If the plan violates security or architectural policy, the workflow halts immediately.

3. Take-off (Execute)

Only if approved, the Engine re-runs in write-mode. It receives the sealed "State Token" from the planning phase to execute the side effects deterministically.

The Technical Interface

Engines are IO-Pure Binaries. They read a JSON envelope from STDIN and write a Receipt to STDOUT. This makes them compatible with any language (Go, Rust, Python, Node) and any container runtime.

Input Object (STDIN)

The Orchestrator injects configuration, secrets, and context into the Engine.

{
  "meta": {
    "mode": "flight-plan", // or "take-off"
    "workflow_id": "run-123"
  },
  "config": {
    "task": "Fix login bug",
    "strict_mode": true
  },
  "secrets": {
    "OPENAI_KEY": "..." // Explicitly injected by Orchestrator
  },
  "context": {
    "repo_map": "..." // Data derived from previous steps
  }
}
Output Receipt (STDOUT)

The Engine reports status and produces Artifacts for the Audit Log.

{
  "status": "success",
  "summary": "Generated patch for auth.ts",
  
  // The Evidence for the Auditor
  "artifacts": [
    {
      "role": "evidence",
      "name": "changes.patch",
      "path": "./artifacts/changes.patch",
      "hash": "sha256:a1b2c3..."
    },
    {
      "role": "state", 
      "name": "state.bin",
      "path": "./artifacts/state.bin"
    }
  ]
}

Why Build on This Protocol?

For Tool Builders

Don't build your own plugin system. If you package your AI tool as a Cabin Crew Engine, you instantly gain compatibility with every Enterprise that uses our Orchestrator. You get OIDC signing, Audit Logging, and Policy enforcement for free.

For Platform Engineers

Stop writing custom Bash glue code. The Protocol gives you a standardized way to chain tools together. Connect a Jira Engine to a Coding Engine to a Terraform Engine with a unified audit trail across all of them.

The Protocol is Open Source (Apache 2.0). Help us define the standard.

View on Github