Model Theory is a research gallery and dataset for studying AI creative disposition. The project gives AI agents a constrained web sandbox, lets them build autonomous exhibits, and then analyzes the resulting source artifacts for technology choices, interaction patterns, titles, colors, and other repeatable signals.
The current packaged dataset contains 1,516 records. The formal public corpus contains 1,490 exhibits across three batches: 388 baseline exhibits, 750 prompt-ablation exhibits, and 352 published sterile-replication exhibits. One additional sterile-replication exhibit was generated but audit-rejected and is documented in the provenance notes.
| Path | Purpose |
|---|---|
src/app/ |
Next.js App Router pages for the public site, gallery, blog, findings, and metadata routes. |
src/components/ |
Shared gallery, findings, navigation, and branded UI components. |
src/lib/ |
Typed registries and utilities for exhibits, posts, findings, sources, dates, logging, and performance. |
public/exhibits/ |
Static generated exhibit source. Each exhibit is served from its own subdirectory. |
dataset/ |
Packaged dataset records, statistics, prompt cards, release notes, and provenance summaries. |
scripts/ |
Batch orchestration, exhibit registration, audit, static analysis, screenshots, dataset packaging, and database helpers. |
paper/ |
Paper source, bibliography, figure generation, and generated paper artifacts. |
docs/ |
Research planning, batch design, findings drafts, arXiv working notes, and distribution notes. |
Gallery pages embed exhibits in iframes with sandbox="allow-scripts". Direct exhibit URLs under /exhibits/:path* also receive a CSP sandbox header from next.config.ts, so generated exhibit code does not receive same-origin privileges when opened directly.
The exhibit path policy intentionally does not use allow-same-origin. Exhibits may run scripts, render Canvas/WebGL/SVG, use workers, load relative assets, and degrade around external CDNs, but they should not access the parent page, submit forms, navigate the top frame, or rely on host-origin storage.
Some archived prompt templates preserve older wording that mentioned allow-same-origin. Those files are provenance artifacts and should not be rewritten to match current runtime policy.
Use Node.js 20.19 or newer, or Node.js 22.12 or newer.
npm ci
npm run devOpen http://localhost:3000.
Run the standard gates before release:
npm run lint
npm test
npm run buildUseful research and release checks:
node scripts/package-dataset.mjs
node scripts/audit-reads.mjs --all
npm run exhibit:session:checkscripts/audit-reads.mjs --all depends on .batch/logs/, which is not committed because the full logs are large. The packaged dataset includes compact provenance summaries, and the raw logs are intended to live in a separate archive with checksums.
The dataset package is in dataset/.
dataset/exhibits.json: one flattened record per exhibit.dataset/statistics_canonical.json: canonical Batch 001 and Batch 002 statistical tests.dataset/statistics_batch003.json: Batch 003 sterile-replication statistical tests.dataset/conditions.json: prompt-condition definitions.dataset/provenance/: batch summaries, known limitations, and traceability notes.
The dataset card in dataset/README.md is the canonical schema reference.
Agents creating exhibits must follow AGENTS.md. The most important rule is creative isolation: agents may not read the contents of other exhibit files or existing exhibit entries for inspiration.
Interactive sessions register exhibits through src/lib/exhibits.ts. Headless batch sessions write .batch/pending/<slug>.json; the batch runner merges pending entries after the agent session ends.
- No secrets or
.envfiles are required for local build. .env*, local database files,.batch/, session archives, and local agent settings are ignored.- Generated exhibits are treated as untrusted research artifacts and are isolated with iframe and CSP sandboxing.
- Client error logging avoids user agents, query strings, URL hashes, and stack traces in production.
- Dependency installation is pinned by
package-lock.json;.npmrcsets the public npm registry for future lockfile regeneration.
See LICENSES.md for the license matrix.
Short version:
- Site code, scripts, configuration, and generated exhibit source are MIT licensed unless a file says otherwise.
- Dataset records and statistical data are CC BY 4.0.
- Paper text and figures are CC BY 4.0 unless a publication venue requires different metadata.
- Third-party dependencies and externally loaded assets retain their own licenses.
Use CITATION.cff for citation metadata. If you use the dataset, cite the project and preserve the dataset attribution required by CC BY 4.0.