Commits on May 7, 2026 permissions: site + docs honest about one-way capability tokens The whitepaper landing page, the build guide, and the developer docs were sketching a session-upgrade API that widens authority (plan → execute with extra actions). The implementation is — and must remain — one-way: agent.upgradeSession can only narrow. To widen, the page mints a fresh session via agent.requestCapabilities, which gives the user a small, scoped prompt at exactly the moment of intent. This commit aligns: - whitepaper/index.html: "Permissions surface" comparison row and the security section now mention typed actions, capability tokens, the audit feed, and information-flow labels rather than the simpler "per-origin, per-tool" framing. - whitepaper/build.html: requestCapabilities example uses the real API shape (server + toolNames in tool.call requests, a budget field instead of a `tools` field), and the follow-up illustrates a fresh requestCapabilities call instead of a forbidden upgradeSession widening.…