generated: '2026-07-15' method: generated source: openapi/freeagent-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 23 by_action_class: connected: 8 acting: 15 by_consequence: read: 8 write: 6 physical: 9 human_in_the_loop_required: 0 operations: - path: /contacts method: get operationId: listContacts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /contacts method: post operationId: createContact x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /contacts/{id} method: get operationId: getContact x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /contacts/{id} method: put operationId: updateContact x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /contacts/{id} method: delete operationId: deleteContact x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices method: get operationId: listInvoices x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /invoices method: post operationId: createInvoice x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices/{id} method: get operationId: getInvoice x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /invoices/{id} method: put operationId: updateInvoice x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices/{id} method: delete operationId: deleteInvoice x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices/{id}/pdf method: get operationId: getInvoicePdf x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /invoices/{id}/transitions/mark_as_sent method: put operationId: invoiceMarkAsSent x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices/{id}/transitions/mark_as_scheduled method: put operationId: invoiceMarkAsScheduled x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices/{id}/transitions/mark_as_draft method: put operationId: invoiceMarkAsDraft x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices/{id}/transitions/mark_as_cancelled method: put operationId: invoiceMarkAsCancelled x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices/{id}/duplicate method: post operationId: duplicateInvoice x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices/{id}/send_email method: post operationId: emailInvoice x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /invoices/timeline method: get operationId: invoicesTimeline x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /bank_accounts method: get operationId: listBankAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /bank_accounts method: post operationId: createBankAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /bank_accounts/{id} method: get operationId: getBankAccount x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /bank_accounts/{id} method: put operationId: updateBankAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /bank_accounts/{id} method: delete operationId: deleteBankAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required