generated: '2026-07-15' method: generated source: openapi/health-gorilla-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 22 by_action_class: connected: 18 acting: 4 by_consequence: read: 18 write: 3 physical: 1 human_in_the_loop_required: 0 operations: - path: /metadata method: get operationId: getCapabilityStatement x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /Patient method: get operationId: searchPatients x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /Patient method: post operationId: createPatient x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /Patient/{id} method: get operationId: readPatient x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /Patient/{id} method: put operationId: updatePatient x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /Patient/{id}/$everything method: get operationId: patientEverything x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /RequestGroup method: post operationId: createRequestGroup x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /RequestGroup method: get operationId: searchRequestGroups x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /RequestGroup/{id} method: get operationId: readRequestGroup x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /ServiceRequest method: get operationId: searchServiceRequests x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /ServiceRequest method: post operationId: createServiceRequest x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /ServiceRequest/{id} method: get operationId: readServiceRequest x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /DiagnosticReport method: get operationId: searchDiagnosticReports x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /DiagnosticReport/{id} method: get operationId: readDiagnosticReport x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /Observation method: get operationId: searchObservations x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /DocumentReference method: get operationId: searchDocumentReferences x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /DocumentReference/{id} method: get operationId: readDocumentReference x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /Binary/{id} method: get operationId: readBinary x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /Coverage method: get operationId: searchCoverage x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /Coverage/{id} method: get operationId: readCoverage x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /Practitioner method: get operationId: searchPractitioners x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /Practitioner/{id} method: get operationId: readPractitioner x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none