Permission Manifests for Web Agents
Abstract
The rise of Large Language Model (LLM)-based web agents represents a significant shift in automated interactions with the web. Unlike traditional crawlers that follow simple conventions, such as robotstxt, modern agents engage with websites in sophisticated ways: navigating complex interfaces, extracting structured information, and completing end-to-end tasks. Existing governance mechanisms were not designed for these capabilities. Without a way to specify what interactions are and are not allowed, website owners increasingly rely on blanket blocking and CAPTCHAs, which undermine beneficial applications such as efficient automation, convenient use of e-commerce services, and accessibility tools. We introduce agent-permissionsjson, a robotstxt-style lightweight manifest where websites specify allowed interactions, complemented by API references where available. This framework provides a low-friction coordination mechanism: website owners only need to write a simple JSON file, while agents can easily parse and automatically implement the manifest's provisions. Website owners can then focus on blocking non-compliant agents, rather than agents as a whole. By extending the spirit of robotstxt to the era of LLM-mediated interaction, and complementing data use initiatives such as AIPref, the manifest establishes a compliance framework that enables beneficial agent interactions while respecting site owners' preferences.
Keywords
Cite
@article{arxiv.2601.02371,
title = {Permission Manifests for Web Agents},
author = {Samuele Marro and Alan Chan and Xinxing Ren and Lewis Hammond and Jesse Wright and Gurjyot Wanga and Tiziano Piccardi and Nuno Campos and Tobin South and Jialin Yu and Sunando Sengupta and Eric Sommerlade and Alex Pentland and Philip Torr and Jiaxin Pei},
journal= {arXiv preprint arXiv:2601.02371},
year = {2026}
}
Comments
Authored by the Lightweight Agent Standards Working Group https://las-wg.org/