suggested edits to the webMCP spec draft

Anssi and everyone

First of all, apologies if I am really not that good with Github and my PR
are not in good shape
Indeed Github is a big headache adding to the headache of understanding
what is happening in agentic AI
Even if we want to try to make contributions, there are many barriers

You can of course close *bad PR without addressing the issues, however the
risk is that
all major browser developers will implement something that is NOT up to
spec *pardon the pun
and nobody will understand how it happened :-)

The CG meetings are also not within everybody's timezone, and it's not easy
to make verbal contributions during meetings anyway

Are there minutes for the meetings linked to Github?

  I received an invitation for 19 of Feb meeting, and an invitation for 5
of March, but nothing in between

I have now found a document entitled 'community draft ' dated 27 Feb. Was
there a meeting?
https://webmachinelearning.github.io/webmcp/

Is there an earlier version? Or was this document created yesterday?  *it
is only 300 lines or soo

Plus, some of us are just coming to terms with using Respec editor and here
we have a bs file. So, once again, apologies
if handling comments is difficult for you, but it is also difficult for
contributors who are trying to come to terms to
the de facto browser implementation of a stump

Can we make contributions to the standard via this list instead of commits
to Ghub that may or may not go through correctly?

Some concerns, *which I am trying to push as PR requests with varying
degrees of difficulty
are reflected in the Technical Notes

I will try to issue smaller PR notes *one for each issue , instead of one
big  amended PR which I agree may not be good practice

Some of these issues were discussed/agreed before, but do not seem to have
made it through the current draft
dated 27 Feb

The concern is that the webMCP may become implemented BEFORE the
specification is produced/agreed upon
and things are going to become even a bigger mess than it is now

Thank you for your patience!


Paola Di Maio, AI KR CG

*The index.bs <http://index.bs> file is 322 lines  as of 28 February*
------------------------------

*PR 1 -- Clarify MCP analogy in Introduction (line 84)   trying to submit
as PR on ghub now!!*

Current text (line 84):

Web pages that use WebMCP can be thought of as Model Context Protocol
[[!MCP]] servers that implement tools in client-side script instead of on
the backend.

Suggested edit:

Web pages that use WebMCP can be thought of as analogous to Model Context
Protocol [[!MCP]] servers in that they expose callable tools, but WebMCP
implements tool discovery, registration, and invocation through
browser-native mechanisms rather than the MCP wire protocol.

*Source:* TN3 (WebMCnotMCP.md) -- "A Suggested Clarification" section. This
is the single most important edit.


------------------------------

*PR 2 -- Add note to Security section (lines 98-103)*

Currently empty except a TODO comment. Add a non-normative note:

Note: WebMCP's threat model differs from that of backend MCP servers.
Security review should address client-side JavaScript execution, browser
origin-based trust boundaries, prompt injection via tool descriptions and
responses, and silent tool registration, rather than importing assumptions
from backend protocol security models.

*Source:* TN3 "Why This Matters for Standards Review" + TN2 risk sections
on prompt injection and consent model gaps.
------------------------------

*PR 3 -- Add note to Accessibility section (line 105)*

Currently completely empty. Add a non-normative note:

Note: WebMCP tools introduce a second machine-readable description of page
functionality alongside the accessibility tree. Implementations should
consider how tool descriptions relate to existing ARIA roles and properties
to avoid divergence between the two representations.

*Source:* TN2 accessibility testing section + existing issue #91
(Redundancy with the accessibility tree) + issue #65 (Accessibility via
agentic interfaces).
------------------------------

*PR 4 -- Clarify agent definition scope (line 92)    submitted as PR  by
starborn on 28 Feb*

Current text:

An <dfn>agent</dfn> is an autonomous assistant that can understand a user's
goals and take actions on the user's behalf to achieve them. Today, these
are typically implemented by large language model (LLM) based [=AI
platforms=], interacting with users via text-based chat interfaces.

Suggested addition after the existing sentence:

An <dfn>agent</dfn> is an autonomous assistant that can understand a user's
goals and take actions on the user's behalf to achieve them. Today, these
are typically implemented by large language model (LLM) based [=AI
platforms=], interacting with users via text-based chat interfaces. In the
context of this specification, agents operate within or in coordination
with an active browser session where a human user is present.

*Source:* TN3 operational mode distinction + the spec's own non-goal of
headless browsing scenarios (README).
------------------------------

*PR 5 -- Add interoperability note to the MCP bibliography entry (lines
292-298)*

After the biblio entry for MCP, add a note to the Introduction or
Terminology:

Note: While WebMCP borrows the tool abstraction from the Model Context
Protocol [[!MCP]], it does not implement the MCP wire protocol (JSON-RPC
2.0) and is not interoperable with MCP client libraries at the transport
level.

*Source:* TN3 transport section -- developers expecting protocol-level
interoperability will be misled.
------------------------------


   1. *PR 4* (agent definition scope) -- smallest, least controversial,
   clarifies existing text     DONE
   2. *PR 1* (MCP analogy clarification) -- the core issue, directly
   addresses TN3     DOING
   3. *PR 5* (interoperability note) -- technical clarification, low
   friction
   4. *PR 3* (accessibility note) -- fills an empty section, aligns with
   issue #91
   5. *PR 2* (security note) -- fills an empty section, more substantive

Message ID: <webmachinelearning/webmcp/pull/112/c3969308544@github.com>

>