Add extension profile schema validation

2026-05-15 15:13:03 +02:00
parent 955643554f
commit ab7914890e
7 changed files with 466 additions and 9 deletions
--- a/docs/EXTENSION-SDK.md
+++ b/docs/EXTENSION-SDK.md
@@ -79,6 +79,45 @@ The key runtime fields are:
 - `certification_boundary`: explicit statement of what the extension does not
  certify.

+`profile_schemas` may use the original string shorthand for core schemas:
+
+```json
+["target-profile", "assessment-profile"]
+```
+
+Extensions that need stricter domain-specific validation can add schema
+descriptors:
+
+```json
+[
+  "target-profile",
+  "assessment-profile",
+  {
+    "id": "cmis-browser-target",
+    "profile_kind": "target",
+    "path": "schemas/cmis-browser-target.schema.json",
+    "subject_type": "cmis-browser-binding-endpoint",
+    "description": "Requires the target shape expected by the CMIS Browser Binding harness."
+  }
+]
+```
+
+Descriptor fields:
+
+- `id`: stable schema descriptor ID used in validation errors.
+- `profile_kind`: `target` or `assessment`.
+- `path`: JSON schema path relative to the extension root.
+- `subject_type`: optional target-profile selector. When present, the schema is
+  applied only to targets with that `subject_type`.
+- `description`: optional authoring note.
+
+The core validates the generic guide-board schema first, then applies matching
+extension-owned schemas during `profile validate-*`, `plan`, and `run`.
+Extension schema paths must stay inside the extension root. The baseline
+validator intentionally supports the small JSON Schema subset used by
+guide-board contracts: `type`, `enum`, `required`, `properties`,
+`additionalProperties`, `items`, and `minItems`.
+
 ## Runner Entry Points

 Runner entry points currently support these kinds: