generated: '2026-07-15' method: generated source: openapi/goharbor-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 38 by_action_class: connected: 24 acting: 14 by_consequence: read: 24 write: 14 human_in_the_loop_required: 0 operations: - path: /health method: get operationId: getHealth x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /search method: get operationId: search x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /statistics method: get operationId: getStatistics x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects method: get operationId: listProjects x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects method: post operationId: createProject x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /projects/{project_name_or_id} method: get operationId: getProject x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name_or_id} method: put operationId: updateProject x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /projects/{project_name_or_id} method: delete operationId: deleteProject x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /projects/{project_name_or_id}/summary method: get operationId: getProjectSummary x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name_or_id}/members method: get operationId: listProjectMembers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name_or_id}/members method: post operationId: addProjectMember x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /repositories method: get operationId: listRepositories x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name}/repositories method: get operationId: listProjectRepositories x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name}/repositories/{repository_name} method: get operationId: getRepository x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name}/repositories/{repository_name} method: delete operationId: deleteRepository x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /projects/{project_name}/repositories/{repository_name}/artifacts method: get operationId: listArtifacts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name}/repositories/{repository_name}/artifacts/{reference} method: get operationId: getArtifact x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name}/repositories/{repository_name}/artifacts/{reference} method: delete operationId: deleteArtifact x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/tags method: get operationId: listArtifactTags x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/tags method: post operationId: addArtifactTag x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/scan method: post operationId: scanArtifact x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /projects/{project_name_or_id}/webhook/policies method: get operationId: listWebhookPolicies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /projects/{project_name_or_id}/webhook/policies method: post operationId: createWebhookPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /audit-logs method: get operationId: listAuditLogs x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /usergroups method: get operationId: listUserGroups x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /usergroups method: post operationId: createUserGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /usergroups/{group_id} method: get operationId: getUserGroup x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /robots method: get operationId: listRobots x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /robots method: post operationId: createRobot x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /robots/{robot_id} method: get operationId: getRobot x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /quotas method: get operationId: listQuotas x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /quotas/{id} method: get operationId: getQuota x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /replication/policies method: get operationId: listReplicationPolicies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /replication/policies method: post operationId: createReplicationPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /replication/executions method: get operationId: listReplicationExecutions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /replication/executions method: post operationId: createReplicationExecution x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /registries method: get operationId: listRegistries x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /registries method: post operationId: createRegistry x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required