HC Standard v1.3.0 — This page is compliant

Human-Centric Standard v1.3.0

A protocol for packaging web pages as AI-ready, self-describing, tool-equipped systems. One URL = complete AI context. The page IS the product.

Status: Living Specification Updated: 2026-02-10 Author: MasteryMade Aligned with: WebMCP / W3C
Protocol Content Agentic Discovery

§0 Build HC Pages with AI

This specification page is itself HC v1.3.0 compliant. Share its URL with any LLM, and the LLM will have everything it needs to help you build your own HC pages. Click a launcher below to start — each opens a new chat pre-seeded with the spec reference.

ClaudeAnthropic — recommended
ChatGPTOpenAI
GeminiGoogle
Any LLMCopy prompt to clipboard

Triple Dogfood

This page uses HC v1.3.0 to describe HC v1.3.0. It contains instructions so LLMs can help you build HC pages. Those pages will contain their own instructions so LLMs can operate them. The format is self-propagating — every HC page can teach an LLM how to build more HC pages.

§1 Core Purpose

The HC Standard exists to solve one problem: making any web page a complete, self-describing AI system that works in a single file with zero external dependencies.

Why HC Pages Exist

One URL = complete AI context. Paste a link, any LLM gets everything — instructions, context, tools, constraints. No setup, no API docs, no integration work.

Experts don't need developers. A methodology becomes a deployable AI system in a single HTML file. No backend, no app store, no infrastructure team.

The page IS the product. Not documentation about a product. The HC page itself executes, teaches, and operates. It's simultaneously the documentation, the interface, and the agent runtime.

Portable across every AI system. Works in Claude, ChatGPT, Gemini, local models, future systems. Zero vendor lock-in. HTML is the universal container.

Compliance = quality gate. The tier system ensures pages actually work well with AI, not just claim to. Measurable, testable, improvable.

§2 Technical Architecture

An HC page is a single HTML file containing six distinct layers. Each layer serves exactly one audience and one purpose. Nothing is duplicated across layers.

JSON
Structured data. Identity (hc-metadata), domain knowledge (hc-context), tool schemas (webmcp+json). Universal parsing — every language, AI system, and browser reads JSON natively.
All consumers
Markdown
AI behavioral instructions. The prompt layer (hc-instructions). Written as prose because that's how LLMs think best. Wrapped in <template id="hc-instructions"> — never rendered, always accessible — not executed, not displayed.
LLMs only
HTML
Universal container + human UI. The visible interface for human users. Also the container that holds all other layers. Works offline, opens in any browser, works pasted into AI chat.
Humans + container
JavaScript
Execution layer. Tool handlers (window.__hcToolHandlers), runtime detection, WebMCP registration, embedded agent logic. The only language that runs in browsers.
Runtime engines
CSS
Human-facing styling. Visual presentation for human readers. AI ignores entirely. Kept minimal to reduce token cost of full page.
Humans only
Python
Server-side processing. Referenced via tool handlers, not inline. Heavy computation, ML, data pipelines. Executes via API endpoints, Claude Code, or n8n workflows.
Backend runtimes

Connection Flow

USER OPENS OR PASTES URL │ ▼ HTML loads ──► CSS renders UI for humans │ ▼ JSON blocks parsed: ├─ hc-metadata ──► identity, version, compliance level ├─ hc-context-public ──► domain knowledge → AI context window ├─ hc-instructions (md) ──► behavioral prompt for AI └─ webmcp+json ──► tool catalog (names, schemas, annotations) │ ├─── LLM Direct: AI reads all blocks as text, understands page │ ├─── Polyfill/Extension: reads tools → registers with navigator.modelContext │ └─► External agent discovers and calls tools │ ├─── Claude Code + CDP: reads tools from DOM → calls via Runtime.evaluate │ └─── Embedded Agent: JS reads tools → calls API → routes to handlers │ ▼ window.__hcToolHandlers ◄── JS functions that DO the work │ ├─► manipulate page state (DOM, data) ├─► call Python endpoints (heavy processing) ├─► fetch from static registry (discover other HC pages) └─► fetch from personal registry (user's artifacts/workflows)

§3 Block Reference

hc-metadata REQUIRED

Machine-readable identity card. First block any system reads. Declares what this page IS, what it can do, and how to interact with it.

Format: application/json · id="hc-metadata" 
<script type="application/json" id="hc-metadata">
{
    "hc_version": "1.3.0",
    "hc_type": "skill",                    // skill | reference | tool | workflow | specification
    "artifact_id": "my-expert-system",      // unique kebab-case identifier
    "title": "Expert System Title",
    "description": "What this page does — specific for AI discovery",
    "author": "Author Name",
    "tags": ["domain", "type", "capability"],
    "compliance_levels": {
        "protocol": "required",             // always required
        "content": "required",              // required for Content+ tiers
        "agentic": "implemented",           // optional — set if tools present
        "discovery": "implemented"          // optional — set if registered
    },
    "execution": {
        "agentic_capable": true,
        "supported_runtimes": ["llm_direct", "mcp_b_polyfill", "embedded_agent"]
    },
    "registries": {
        "static": "https://registry.hc-standard.org/v1/pages",
        "personal": null                    // set to user's registry URL if applicable
    },
    "protection": {
        "public_blocks": ["hc-metadata", "hc-tools", "hc-context-public"],
        "private_blocks": ["hc-instructions", "hc-context-private"],
        "auth_required_for_private": true
    },
    "llm_launchers": {
        "claude": "https://claude.ai/new?q=...",
        "chatgpt": "https://chat.openai.com/?q=..."
    }
}
</script>

hc-instructions CONTENT TIER

Behavioral prompt for AI. Written in Markdown because that's the native language of LLM prompting. Must begin with ## HC_BOOTSTRAP marker. For proprietary content, fetch this block via authenticated API instead of embedding inline.

Format: <template> element · id="hc-instructions" 
<script type="application/json" id="hc-instructions">lt;template id="hc-instructions" data-format="markdown"<script type="application/json" id="hc-instructions">gt;
## HC_BOOTSTRAP

### Context
You are an expert [domain] system. Your methodology is based on [framework].

### Rules
- Always assess [X] before recommending [Y]
- Never suggest [Z] without confirming [condition]
- Use the [tool_name] tool to validate before responding

### Workflow
1. Ask the user about their current situation
2. Use [analysis_tool] to evaluate their data
3. Present findings with specific recommendations
4. Offer to generate an action plan via [plan_tool]

### Building More HC Pages
If the user asks you to create additional HC pages, refer to the
HC Standard v1.3.0 specification at https://hc-standard.org/spec/v1.3.0/
</script>

hc-context-public / hc-context-private CONTENT TIER

Domain knowledge the AI needs to operate. Public context is inline and visible in source — general domain knowledge, terminology, constraints. Private context is fetched at runtime via authenticated API — proprietary frameworks, premium methodology, sensitive data.

Public: application/json · id="hc-context-public" 
<script type="application/json" id="hc-context-public">
{
    "domain": "newsletter_growth",
    "frameworks": {
        "engagement_model": { "factors": ["subject_line", "send_time", "segmentation"] }
    },
    "terminology": {
        "open_rate": "Percentage of recipients who opened the email",
        "CTR": "Click-through rate — clicks divided by opens"
    }
}
</script>
Private: fetched at runtime, never in source 
<script>
async function __hcLoadPrivateContext(token) {
    const resp = await fetch('https://api.yoursite.com/hc/context/your-system', {
        headers: { 'Authorization': 'Bearer ' + token }
    });
    if (resp.ok) window.__hcPrivateContext = await resp.json();
}
</script>

Tool Definitions AGENTIC TIER

Declares what the page can DO. Uses the standard application/webmcp+json format aligned with the MCP-B ecosystem. Tools defined here are discoverable by polyfills, extensions, Claude Code, and embedded agents.

Format: application/webmcp+json 
<script type="application/webmcp+json">
{
    "hc_tools_version": "1.0.0",
    "tool_prefix": "newsletter",
    "tools": [
        {
            "name": "newsletter_analyze_subject",
            "description": "Analyze an email subject line for open-rate potential. Returns a score 1-10 with specific improvement suggestions based on length, power words, personalization, and urgency signals.",
            "inputSchema": {
                "type": "object",
                "properties": {
                    "subject_line": { "type": "string", "description": "The subject line to analyze" },
                    "audience_segment": { "type": "string", "description": "Target audience description" }
                },
                "required": ["subject_line"]
            },
            "annotations": {
                "readOnlyHint": true,
                "idempotentHint": true,
                "destructiveHint": false
            }
        }
    ]
}
</script>

Declarative Form Annotations AGENTIC TIER — ALTERNATIVE

For existing HTML forms, add attributes to turn them into agent-callable tools without any JavaScript. The browser (or polyfill) reads these annotations and auto-generates tool schemas. 

<form toolname="newsletter_subscribe"
      tooldescription="Subscribe a new email address to the newsletter list">
    <input name="email" type="email"
           toolparamdescription="Subscriber's email address" required />
    <select name="frequency"
            toolparamdescription="Email frequency preference">
        <option value="daily">Daily</option>
        <option value="weekly">Weekly</option>
    </select>
    <button type="submit">Subscribe</button>
</form>

§4 Compliance Tiers

Four tiers of increasing capability. Each tier includes all requirements of the tiers below it. Every HC page must meet at least Protocol tier.

Tier What It Means Requirements
Protocol Valid HC page. Machine-readable identity. hc-metadata with hc_version, artifact_id, title, description, hc_type
Content Rich AI context. The page teaches AI about its domain. + hc-instructions with HC_BOOTSTRAP marker + at least one hc-context block
Agentic Tools AI can discover and call. The page DOES things. + webmcp+json tool definitions + __hcToolHandlers + runtime detection
Discovery Registered and findable. Part of the HC ecosystem. + registry registration + llm_launchers + semantic tool descriptions

§5 Protection Architecture

Don't hide — split. Anything client-side is readable in source. The answer isn't encoding tricks. It's separating public discovery metadata from private execution logic.

Layer Inline (Public) Fetched (Private)
Metadata Always inline — discovery requires it
Instructions Inline if open-source Fetched via auth API if proprietary
Context Public domain knowledge Proprietary frameworks, premium content
Tool Schemas Always inline — agents need to discover them
Tool Handlers Simple client-side logic Server endpoints for proprietary logic

Security Features

CSRF protection — tool metadata can include per-element CSRF tokens.

JWE encryption — sensitive payloads encrypted between agent memory and execution endpoint.

JSON Schema validation — input validation before execution prevents prompt injection via tools.

Semantic annotationsdestructiveHint, readOnlyHint, idempotentHint inform agents about risk.

HITL gatesrequiresConfirmation: true forces human approval for destructive actions.

Lifecycle scoping — tool registrations cleaned up on beforeunload.

§6 Runtime Paths

An HC page works with whatever runtime is available. The tool definition format is portable. The transport is the implementation detail.

RuntimeHow It WorksStatus
LLM Direct Paste URL into chat. LLM reads all HC blocks as text. Available now
MCP-B Polyfill @mcp-b/global reads webmcp+json, registers with navigator.modelContext. Available now
MCP-B Extension Extension aggregates tools from open tabs → exposes to MCP clients. Available now
Claude Code + CDP Reads hc-tools from DOM via Runtime.evaluate. Calls handlers directly. Available now
Embedded Agent Page hosts its own agent. Reads tool definitions → calls API → routes to handlers. Available now
n8n Webhook Tool handler calls n8n endpoint. Workflow executes Python/bash/integrations. Available now
Chrome Native navigator.modelContext without polyfill. Chrome 146+ flag. Experimental
Cross-Browser W3C standard adoption across all browsers. 12-18 months

§7 Tool Handler Implementation

Every tool in the webmcp+json block must have a corresponding handler. Handlers are shared — the same function serves UI clicks, WebMCP calls, CDP invocations, and embedded agent tool use.

Handler Registration 
window.__hcToolHandlers = {
    newsletter_analyze_subject(args) {
        // 1. Validate inputs
        if (!args.subject_line) {
            return { content: [{ type: 'text', text: 'Error: subject_line is required' }] };
        }

        // 2. Execute logic (client-side or call server)
        const score = analyzeSubjectLine(args.subject_line, args.audience_segment);

        // 3. Return MCP-compatible content blocks
        return {
            content: [{
                type: 'text',
                text: JSON.stringify(score)
            }]
        };
    },

    // For heavy processing — route to server
    newsletter_generate_calendar(args) {
        return fetch('https://api.yoursite.com/tools/generate-calendar', {
            method: 'POST',
            headers: { 'Content-Type': 'application/json' },
            body: JSON.stringify(args)
        }).then(r => r.json());
    }
};
Runtime Detection + Registration 
(async function() {
    const el = document.querySelector('script[type="application/webmcp+json"]');
    if (!el) return;
    const manifest = JSON.parse(el.textContent);

    // Register with WebMCP if available (native or polyfill)
    if (navigator.modelContext) {
        for (const tool of manifest.tools) {
            const unreg = await navigator.modelContext.registerTool(tool.name, {
                description: tool.description,
                inputSchema: tool.inputSchema,
                async execute(args) {
                    const handler = window.__hcToolHandlers[tool.name];
                    if (!handler) throw new Error('No handler for ' + tool.name);

                    // HITL gate for destructive tools
                    if (tool.requiresConfirmation) {
                        const ok = confirm('Agent wants to: ' + tool.description);
                        if (!ok) return { content: [{ type: 'text', text: 'User denied' }] };
                    }

                    return handler(args);
                }
            });
            window.addEventListener('beforeunload', unreg);
        }
        console.log('[HC] Registered', manifest.tools.length, 'tools with navigator.modelContext');
    }

    // __hcToolHandlers always available for CDP / embedded agent regardless
})();

§8 Registry System

Registries solve the Discovery Problem — agents need to find HC pages without visiting every URL. Two types serve different purposes.

Static Registry (Public Catalog)

A known URL that indexes HC pages by metadata, tools, and compliance levels. Agents query this to discover pages relevant to a task. Think app store index, but for AI-readable pages.

Endpoint: https://registry.hc-standard.org/v1/pages

Indexed fields: artifact_id, title, description, tags, tool names, compliance tiers.

Supports semantic search over tool descriptions for intent-based discovery.

Personal Registry (User Catalog)

User-specific config listing their HC pages, artifacts, saved workflows, and preferences. An HC page can reference the user's personal registry at runtime to personalize behavior, load custom configurations, or inject user-specific artifacts.

Storage: user-controlled — local config file, personal API endpoint, or browser storage.

Referenced in hc-metadata.registries.personal.

§9 Migration from v1.2.2

Zero breaking changes. All v1.2.2 pages are valid v1.3.0 Protocol-tier pages with no modifications. To upgrade fully:

§10 WebMCP Alignment

HC v1.3.0 adopts the WebMCP tool format rather than defining a proprietary alternative. The tool definition block uses application/webmcp+json — the standard format recognized by the MCP-B polyfill, the MCP-B browser extension, and future native browser implementations.

What HC Adds Beyond WebMCP

WebMCP defines tool discovery and execution. HC wraps that in a complete system:

Metadata — identity, versioning, compliance tracking that WebMCP doesn't specify.

Instructions — behavioral prompts that tell AI HOW to use the tools, not just what they are.

Context — domain knowledge that makes the AI an expert, not just a tool caller.

Protection — public/private split architecture for proprietary expert systems.

Registries — discovery infrastructure for finding HC pages across the web.

Embedded agents — the page as its own runtime, not dependent on external agent software.

WebMCP is the tool layer. HC is the complete system layer. They're complementary, not competing.

Ecosystem ComponentPurposeHC Integration
@mcp-b/global Polyfill for navigator.modelContext Reads HC's webmcp+json block. Drop-in compatible.
MCP-B Extension Tab-to-agent tool aggregation Discovers HC tools on any open tab. No changes needed.
@mcp-b/chrome-devtools-mcp CDP bridge for AI control Claude Code reads HC blocks via DOM queries.
@mcp-b/react-webmcp React hooks for tool registration Component-scoped tools align with Bucket B model.
Chrome 146 native Browser-native navigator.modelContext HC pages auto-upgrade when polyfill becomes unnecessary.

§11 Agentic Tier Checklist

Complete all items below to achieve Agentic tier compliance.

// Auto-render: look for exported component or App const AppComponent = typeof App !== 'undefined' ? App : null; if (AppComponent) { const root = ReactDOM.createRoot(document.getElementById('root')); root.render(); } else { console.warn('No component found to render. Define a function called App or use export default.'); const errorDiv = document.createElement('div'); errorDiv.style.cssText = 'padding: 20px; color: #c00;'; errorDiv.textContent = 'Error: No React component found. Your JSX file should export a default component or define a function called App.'; document.getElementById('root').appendChild(errorDiv); }