The universe of operations supported by this spec is likely to grow in the future.

To ensure that new operators are shaped in a way that they can be implemented securely, it would be good to include some general guidelines/philosophy on how ops are defined to reduce potential for ops to result in implementation problems.

For instance, avoid reshaping tensors, simplicity of arguments, no parsers for complex data formats.