generated: '2026-07-15' method: generated source: openapi/openapi.json description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 45 by_action_class: connected: 22 acting: 23 by_consequence: read: 22 write: 20 safety-critical: 3 human_in_the_loop_required: 3 operations: - path: / method: get operationId: getApiIndex x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /users method: post operationId: createUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /users/{username_or_email} method: get operationId: getUser x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /users/me method: get operationId: getCurrentUser x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /users/me/audit-logs method: get operationId: getUserAuditLogs x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /users/{username_or_email}/reset method: post operationId: resetUserPassword x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /repos method: get operationId: listRepositories x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /repos/{name} method: get operationId: getRepository x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /orgs method: get operationId: listOrganizations x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /orgs/{name} method: get operationId: getOrganization x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /orgs/{name} method: post operationId: updateOrganization x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /orgs/{name}/audit-logs method: get operationId: getOrganizationAuditLogs x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /orgs/{name}/members method: get operationId: listOrganizationMembers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /orgs/{name}/members method: post operationId: addOrganizationMember x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /orgs/{name}/members/{username} method: get operationId: getOrganizationMember x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /orgs/{name}/members/{username} method: post operationId: updateOrganizationMember x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /orgs/{name}/members/{username} method: delete operationId: removeOrganizationMember x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /packages method: get operationId: listPackages x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /packages/{name} method: get operationId: getPackage x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /packages/{name}/audit-logs method: get operationId: getPackageAuditLogs x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /packages/{name}/releases/{version} method: get operationId: getRelease x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /packages/{name}/releases/{version} method: delete operationId: revertRelease x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /publish method: post operationId: publishRelease x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /packages/{name}/releases/{version}/retire method: post operationId: retireRelease x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /packages/{name}/releases/{version}/retire method: delete operationId: unretireRelease x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /packages/{name}/releases/{version}/docs method: get operationId: getPackageDocs x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /packages/{name}/releases/{version}/docs method: post operationId: publishPackageDocs x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /packages/{name}/releases/{version}/docs method: delete operationId: removePackageDocs x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /packages/{name}/owners method: get operationId: listPackageOwners x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /packages/{name}/owners/{username} method: get operationId: getPackageOwner x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /packages/{name}/owners/{username} method: put operationId: addPackageOwner x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /packages/{name}/owners/{username} method: delete operationId: removePackageOwner x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /keys method: get operationId: listApiKeys x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /keys method: post operationId: createApiKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /keys method: delete operationId: removeAllApiKeys x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /keys/{name} method: get operationId: getApiKey x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /keys/{name} method: delete operationId: removeApiKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /orgs/{name}/keys method: get operationId: listOrganizationApiKeys x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /orgs/{name}/keys method: post operationId: createOrganizationApiKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /short_url method: post operationId: createShortUrl x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth method: get operationId: verifyAuthentication x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /oauth/device_authorization method: post operationId: initiateDeviceAuthorization x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /oauth/token method: post operationId: requestToken x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /oauth/revoke method: post operationId: revokeToken x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /oauth/revoke_by_hash method: post operationId: revokeTokenByHash x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required