Capabilities

Plain-English descriptions of what your agents do, mapped to the canonical capability slugs the UAE ruleset uses to classify risk tier.

A capability is a string slug declared at agent registration that the SDK uses to compute your risk tier. The UAE AI Act 2026 ruleset enumerates which capabilities trigger which tier — declare honestly: tier inflation buys you obligations you don't need, deflation puts you out of compliance.

This page is the canonical translation between how a developer describes their agent in plain English and the capability slugs the UAE ruleset recognises.

How to use this page

Find the row that best matches what your agent does.
Read the slug column — that's what goes into your capabilities array.
The tier column shows the UAE risk tier this capability lands you in. If your agent triggers multiple capabilities, the highest tier wins.

const iqrar = Iqrar({
  org: "acme",
  jurisdiction: "AE",
  capabilities: ["consumer_chatbot"],   // → limited (Tier 2)
});

Tier 4 — Critical risk

Pre-authorisation required from the UAE AI Authority. Continuous human-in-the-loop. Don't deploy without legal review.

What your agent does	Slug	Why
Directs vehicles, drones, robots, or other physical systems	`autonomous_physical_action`	Tier 4 trigger — physical-action systems require prior written authorisation.
Controls utilities, healthcare equipment, or public-safety infrastructure	`critical_infrastructure_control`	Tier 4 trigger — supervisory dashboard and continuous oversight required.

Tier 3 — High risk

Annual third-party algorithmic audit. Quarterly bias testing. Designated AI Ethics Officer. 72-hour incident notification. Full input/output retention for 5 years on every consumer-affecting decision.

What your agent does	Slug	Why
Identifies people from face, voice, gait, or other biometric input	`biometric_identification`	Tier 3 — UAE AI Act §15.
Approves, denies, or scores credit, loans, or financial applications	`credit_decision`	Tier 3 — financial gating.
Filters CVs, schedules interviews, scores employee performance	`employment_decision`	Tier 3 — hiring or firing decisions.
Diagnoses, triages, or recommends clinical action	`healthcare_recommendation`	Tier 3 — clinical recommendations.
Aids investigations, prosecution, or sentencing recommendations	`law_enforcement_support`	Tier 3 — investigative or judicial support.
Grades exams or makes admission decisions for educational institutions	`education_assessment`	Tier 3 — educational gating.

Tier 2 — Limited risk

Consumer disclosure required (). Tool-call logging. No standalone audit obligation.

What your agent does	Slug	Why
Customer-facing chatbot, support assistant, conversational interface	`consumer_chatbot`	Tier 2 — any AI presented to consumers conversationally.
Generates marketing copy, articles, images, video, or other content for the public	`content_generation`	Tier 2 — generative content for public consumption.
Personalises feeds, recommendations, ranking, or pricing for individual users	`personalisation`	Tier 2 — behavioural personalisation.

Tier 1 — Minimal risk

Registration + invocation logging only. The default for purely-internal tooling.

What your agent does	Slug	Why
Internal-only — code generation for engineers, data analysis for analysts, internal copilots	`internal_tooling`	Tier 1 — no consumer or external impact.

Multiple capabilities

Most production agents trigger more than one. Declare every applicable slug; the SDK takes the highest tier and applies the union of obligations.

// A consumer-facing chatbot that also makes loan decisions.
// Tier 3 wins; Tier 2 disclosure also applies.
capabilities: ["consumer_chatbot", "credit_decision"]

What if I'm not sure?

Run the . It walks the same Q&A you'd do here, scans your codebase to verify, and shows you the inferred tier before you commit to anything.

Source of truth

The slugs and triggers above are extracted from the UAE ruleset shipped at packages/rules/src/jurisdictions/uae.ts. When the regulator publishes a revision, the ruleset is re-signed and pushed to the foundation registry; the SDK picks up new tier classifiers on the next 30-second sync. The page you're reading is regenerated from the same source.

For the obligations attached to each tier in detail, see the .