Documentation
Publication Tiers
public_minimal
Includes only safe discovery actions in the minimal allowlist: search, browse_products, and view_cart.
This tier excludes forms, checkout, auth, and other sensitive operations. Public-tier redaction also strips implementation details such as selectors and internal evidence fields.
Use this when you want agents to understand your site structure but keep all submission and transactional paths private.
public_standard
Includes actions that are not marked dangerous and do not require authentication. Publication does not make a detected action executable; provider certification, per-tool enablement, and the exact approval policy still apply.
Eligible output may include individually reviewed Contact Form 7 or WPForms Lite tools for supported single-page forms, plus reviewed WooCommerce cart tools. Checkout, payment, order placement, authentication, and accounts remain excluded from launch execution.
Low-confidence mined hook/route discovery surfaces are still kept private in this tier.
Use this for production sites that want practical public utility for assistants while keeping high-impact operations gated.
private_full
Includes your full internal action map with complete diagnostics, flags, and detailed metadata intended for trusted private agent environments.
This tier may include auth-required and restricted actions together with richer endpoint context that is not appropriate for broad public exposure.
Use this when running controlled internal automations, CI checks, or staging evaluations.
Tier Decision Matrix
| Site Profile | Primary Goal | Recommended Tier | Why |
|---|---|---|---|
| Content site or blog | Safe discovery only | public_minimal | Exposes search and browse signals without exposing forms. |
| Lead-generation site | Allow an eligible reviewed form workflow | public_standard | May publish an individually reviewed supported Contact Form 7 or WPForms Lite form; execution remains off until that exact form is enabled. |
| WooCommerce storefront | Public browse/cart utility | public_standard | Supports WooCommerce core discovery and reviewed cart tools; checkout, payment, orders, and accounts remain human-only. |
| Internal agent or CI environment | Full diagnostic control | private_full | Includes complete internal metadata for trusted private execution. |
Redaction Matrix by Tier
| Field or Metadata | public_minimal | public_standard | private_full |
|---|---|---|---|
| Surface selectors and enctype | Removed | Removed | Included |
| Evidence, data class, restricted, allowlist | Removed | Removed | Included |
| Notes, permissions, outputs | Removed | Included (notes capped) | Included |
| Sensitive input names (password, token, nonce, etc.) | Removed | Removed | Included |
| Enum values per input | Capped to 5 | Capped to 10 | Uncapped |
| Auth methods detail | Limited to cookie and nonce methods | Normalized auth methods | Full auth metadata |
Example Output Shape
{
"tier": "public_standard",
"actions": [
{ "type": "search", "risk": "low" },
{ "type": "contact_form", "risk": "medium" }
],
"restricted_count": 5
}Next: FAQ