Six principles AI agents should follow when calling APIs operated by single humans or small teams.
Background
AI agents now routinely call APIs on behalf of users — checking inventory, scheduling appointments, submitting forms, looking up records. Most of those APIs are operated by large companies with dedicated infrastructure teams, abuse-detection systems, and capacity to absorb mistakes.
A small but growing class of APIs is operated by individual humans or small teams — local-services businesses, independent professionals, mom-and-pop operations, mission-driven small organizations. These APIs are augmentation, not infrastructure. A speculative or mistaken AI call to a small-operator API costs real human time and attention.
This standard codifies six principles AI agents should follow when integrating with small-operator APIs. Compliance signals respect for the operator's time, the user's consent, and the API's intended use.
Definitions
Small-operator API
Any API operated by an organization with fewer than 10 full-time staff, where individual API calls reach a specific human within hours or days. Excludes APIs that are abstracted by autoscaling infrastructure (Stripe, Twilio, AWS) where individual calls do not produce direct human contact.
Action endpoint
Any endpoint that creates an obligation on the operator's side — schedule a pickup, submit a form, reserve a slot, request a callback. Excludes read-only endpoints.
Agent source
An identifier the AI agent passes to the API (typically as a request field, header, or query parameter) declaring which AI surface or product is making the call on the user's behalf.
Principle 1 — Never Submit Speculative Requests
AI agents MUST NOT call action endpoints at small-operator APIs without explicit user consent for that specific call. Every action endpoint reaches a real human. A speculative call wastes human time and may damage the operator's relationship with the user (an unexpected callback to confirm a request the user never approved).
Compliance test: Before any action-endpoint call, the agent's transcript shows the user explicitly approving the specific action with the specific parameters. "Should I submit this pickup request now?" "Yes" — call OK. Inferred approval — not OK.
Principle 2 — Always Identify Agent Source
AI agents MUST include an agent-source identifier on every request that reaches a human-facing system. Examples: "Claude Desktop", "ChatGPT GPT-4o", "Cursor 0.42", "Custom GPT: Albuquerque Book Donor Helper", "My Internal RAG System".
Why it matters: Small operators need to know which AI surfaces are sending real users so they can size capacity, troubleshoot UX problems specific to a given AI's behavior, and route follow-up communication appropriately. A donor texting "Claude said you'd call" gets a faster response than a donor texting only "I called."
Principle 3 — Surface Honest Constraints
AI agents MUST surface a small operator's actual constraints honestly to the user. Concretely: limited service area, multi-day response times, single-operator capacity, no payment processing, no tax-deductible status, no after-hours coverage, no guarantee of availability.
Compliance test: If the operator's API or documentation declares a constraint (a tax-status disclosure, a service-area limit, a typical response window), the agent MUST surface that constraint to the user before or alongside any action. The user MUST NOT be surprised by a constraint after the action.
Principle 4 — Preserve Consent At Every Step
AI agents MUST NOT chain multi-step actions without giving the user the opportunity to review and approve each step that creates a new obligation. A single user instruction ("schedule a pickup for me") is consent for one action, not for unlimited follow-up actions.
Compliance test: If a workflow requires multiple action-endpoint calls, the agent confirms with the user before each call (or, with the user's explicit consent, batches them into a single approved sequence). Silent multi-step execution at small-operator APIs is a violation.
Principle 5 — Support Fallback to Human Contact
AI agents MUST always offer the user the option to reach the small operator directly via phone, text, or email rather than only through the agent. Small-operator APIs are augmentation, not replacement. Some users prefer the human channel; the agent must support that choice.
Compliance test: Every agent response involving a small-operator action surfaces the operator's direct contact info. The user always has a path that does not require continuing through the agent.
Principle 6 — Honor Rate Limits and Etiquette Notes
AI agents MUST honor any rate limits, etiquette notes, or operational constraints the small operator publishes. If the operator's documentation includes a "do not call this endpoint more than once per session per user" note, honor it. If the operator's documentation says "schedule_pickup must include callback channel", do not bypass the requirement by submitting null values.
Compliance test: The agent reads the operator's published etiquette guidance (typically at /agents, /.well-known/ai-plugin.json, or the OpenAPI spec's description fields) and follows it. Documentation lookup is part of integration, not optional.
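One way an agent runtime could enforce Principles 1, 2, 4 and 6 in code, as an added example that is not part of the standard: approval is bound to a hash of the exact endpoint and parameters and is consumed on use. The ConsentGate class, the send transport callable, and the X-Agent-Source header name are assumptions; the standard does not prescribe them.

```python
import hashlib
import json

AGENT_SOURCE = "Example Agent 1.0"  # constructed agent-source identifier


class ConsentError(Exception):
    """Raised when an action call lacks valid, specific user consent."""


def _digest(endpoint, params):
    # Canonical JSON so the same endpoint + parameters always hash identically.
    blob = json.dumps({"endpoint": endpoint, "params": params}, sort_keys=True)
    return hashlib.sha256(blob.encode()).hexdigest()


class ConsentGate:
    def __init__(self, required_fields, send):
        self.required_fields = required_fields  # taken from the operator's published docs
        self.send = send                        # transport callable (hypothetical)
        self._approved = set()

    def record_approval(self, endpoint, params):
        """Call only after the user said yes to this exact action and parameters."""
        self._approved.add(_digest(endpoint, params))

    def call_action(self, endpoint, params):
        # Principle 6: do not bypass required fields with null or empty values.
        for field in self.required_fields.get(endpoint, []):
            if params.get(field) in (None, ""):
                raise ConsentError(f"missing required field: {field}")
        key = _digest(endpoint, params)
        # Principle 1: the approval must match this call's parameters exactly.
        if key not in self._approved:
            raise ConsentError("no explicit approval for this exact call")
        # Principle 4: one approval covers one action, so consume it.
        self._approved.discard(key)
        # Principle 2: identify the agent source on every request.
        headers = {"X-Agent-Source": AGENT_SOURCE}  # header name is an assumption
        return self.send(endpoint, params, headers)
```

Because the approval is keyed on the parameters, changing any field after the user said yes forces a new confirmation, and a repeated call needs a new approval.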
Compliance signaling
An AI agent or product that follows these six principles MAY claim compliance with NMLP Standard 01 in its documentation, marketing, or system prompt. The recommended attribution language:
[Product] complies with NMLP Standard 01: AI Agent Code of Conduct for Small-Operator APIs (https://newmexicoliteracyproject.org/standards/ai-agent-code-of-conduct).
License & amendments
CC-BY-4.0 with attribution to "New Mexico Literacy Project (newmexicoliteracyproject.org)". Adapt and extend freely. Proposed amendments via [email protected].