RestaRules: Open Standard Brings robots.txt-Style Conduct Rules to AI Restaurant Agents
Key Takeaways
- ▸RestaRules introduces a machine-readable standard—akin to robots.txt—that lets restaurants define conduct rules for AI agents before any interaction occurs
- ▸The standard addresses regulatory pressure from NY, Philadelphia, and the EU AI Act by enabling mandatory disclosure and venue-controlled escalation policies
- ▸Core features include allowed communication channels, party size limits, rate limiting, human escalation thresholds, and anti-resale constraints
Summary
RestaRules, a new open standard, enables restaurants to publish machine-readable conduct rules for AI agents at a standardized /.well-known/agent-venue-rules.json file. The JSON schema defines venue-specific constraints for voice assistants, booking agents, and concierge services—covering disclosure requirements, allowed communication channels, party size limits, rate limits, human escalation triggers, and anti-resale restrictions. The standard operates on a simple principle: restaurants publish rules once; AI agents fetch and validate the rules before acting, either proceeding or refusing based on compliance evaluation.
Developed solo by a single contributor using AI coding agents (Claude Code), RestaRules addresses an urgent regulatory and operational gap. AI voice agents are already calling restaurants for reservations, prompting New York and Philadelphia to pass anti-bot reservation laws. The EU AI Act (effective August 2026) mandates AI-to-human disclosure. Currently, restaurants have no standardized mechanism to set boundaries or enforce compliance. RestaRules fills that void by establishing a clear, machine-readable contract between venues and AI agents.
The v0.2 release includes a complete JSON schema, validation SDK, CLI checker, reference agent implementation, and a live browser-based voice demo that showcases an agent fetching and obeying real rules. The standard defaults to a conservative "deny_if_unspecified" policy for permission fields, allowing restaurants to whitelist specific agent behaviors rather than blacklist undesirable ones. All required fields must be present in the rules file; agents must refuse to proceed if validation fails.
- Default policy of 'deny_if_unspecified' gives restaurants a conservative, secure posture—rules must explicitly permit agent actions
- Complete implementation includes schema, SDK, CLI tools, reference agent, and working voice demo available immediately
Editorial Opinion
RestaRules represents a pragmatic, well-timed solution to a real problem: AI agents are already operating in the hospitality space, but venues lack standardized tools to enforce boundaries. By modeling the solution after the proven robots.txt pattern, the standard lowers barriers to adoption and clarity. The conservative default policy is smart governance—it shifts burden to agent operators to earn trust rather than forcing restaurants to play defense. If industry adoption accelerates (especially among major voice AI platforms), this could become the de facto standard for human-AI service interactions beyond restaurants.
