Import, Export & Publish

CRAFT supports several ways to move automation artifacts between machines and teams. Each operation has distinct seat requirements and passes through the Preview/Validate Gate.

Operations at a Glance

Run: Execute an automation locally inside your CAD host. Requires a Runner seat or higher.
Validate: Re-inspect an automation (read-only). No seat required. Never executes.
Export: Package an automation as a portable zip archive. Requires a Creator seat or higher.
Import: Receive and inspect an external automation package. Any authenticated user may import and view. Running an imported automation requires a Runner seat.
Publish: Promote an automation to the shared registry. Requires a Creator seat and a Team or Enterprise tier.

Gate required for all. Every operation listed above passes through the Gate. The Gate shows dependencies, data-leaving-your-machine disclosure, and execution status before you proceed.

Export

Export packages an automation artifact into a single zip archive containing the manifest, artifact definition, and lockfile. The export carries embedded attribution metadata (author, tenant, creation timestamp).

Export requires passing through the Gate, including the egress disclosure panel. The exported zip is a self-contained package that can be shared with another CRAFT user via any file transfer method.

Import

Import receives a zip package exported by another CRAFT user. The Gate verifies the package integrity and displays the egress disclosure for any egress implied by the artifact.

Any authenticated user can import and view an automation. To run an imported automation, you need a Runner seat or higher. If the package fails vendor signature verification, the import is blocked.

Publish

Publish promotes an automation artifact to the shared registry — a passive, read-only artifact store hosted on the CRAFT server.

The registry does not execute automations. It stores and serves signed artifacts only.
The server signs the artifact at publish time using the CRAFT signing key.
The signature binds to the artifact content — byte-level integrity is preserved.

Immutability

Published artifacts are immutable. Once an artifact version is published, it cannot be modified or overwritten. If you need to make changes, publish a new version with an incremented version number. Attempting to overwrite a published version returns an error.

The artifact state machine is: draft → published → deprecated. There is no rollback from published to draft.

The Passive Registry

The shared registry is a passive content store. It accepts signed artifacts, serves them for download, and provides version history and provenance metadata. It does not execute, modify, or interpret automations in any way.

Package Format

Automation packages are self-contained zip archives containing:

Artifact identity, version, and content hashes
The automation definition
A dependency lockfile for reproducible re-runs
Attribution metadata (author, tenant, creation timestamp)
Optional documentation

Packages are built deterministically so that identical content always produces identical bytes. This is what allows cryptographic signature verification to work reliably.

No raw file export. CRAFT exports automation artifacts as structured zip packages. It does not export raw host-native files (such as individual graph definition files) outside the package format.

Seat Requirements Summary

Operation	Minimum Seat	Minimum Tier
Run	Runner	Any
Validate	None (any authenticated user)	Any
Export	Creator	Any
Import (view)	None (any authenticated user)	Any
Import (run)	Runner	Any
Publish	Creator	Team or Enterprise

Previous: Preview, Validate & Gate Next: Security & Trust