Open for Agents Docs

Core 0.3.15 · Assistant 0.1.8 · Brand v1.1.1 · WebMCP emerging standard

Documentation

Publication Tiers

public_minimal

Includes only safe discovery actions in the minimal allowlist: search, browse_products, and view_cart.

This tier excludes forms, checkout, auth, and other sensitive operations. Public-tier redaction also strips implementation details such as selectors and internal evidence fields.

Use this when you want agents to understand your site structure but keep all submission and transactional paths private.

public_standard

Includes actions that are not marked dangerous and do not require authentication. Publication does not make a detected action executable; provider certification, per-tool enablement, and the exact approval policy still apply.

Eligible output may include individually reviewed Contact Form 7 or WPForms Lite tools for supported single-page forms, plus reviewed WooCommerce cart tools. Checkout, payment, order placement, authentication, and accounts remain excluded from launch execution.

Low-confidence mined hook/route discovery surfaces are still kept private in this tier.

Use this for production sites that want practical public utility for assistants while keeping high-impact operations gated.

private_full

Includes your full internal action map with complete diagnostics, flags, and detailed metadata intended for trusted private agent environments.

This tier may include auth-required and restricted actions together with richer endpoint context that is not appropriate for broad public exposure.

Use this when running controlled internal automations, CI checks, or staging evaluations.

Tier Decision Matrix

Site ProfilePrimary GoalRecommended TierWhy
Content site or blogSafe discovery onlypublic_minimalExposes search and browse signals without exposing forms.
Lead-generation siteAllow an eligible reviewed form workflowpublic_standardMay publish an individually reviewed supported Contact Form 7 or WPForms Lite form; execution remains off until that exact form is enabled.
WooCommerce storefrontPublic browse/cart utilitypublic_standardSupports WooCommerce core discovery and reviewed cart tools; checkout, payment, orders, and accounts remain human-only.
Internal agent or CI environmentFull diagnostic controlprivate_fullIncludes complete internal metadata for trusted private execution.

Redaction Matrix by Tier

Field or Metadatapublic_minimalpublic_standardprivate_full
Surface selectors and enctypeRemovedRemovedIncluded
Evidence, data class, restricted, allowlistRemovedRemovedIncluded
Notes, permissions, outputsRemovedIncluded (notes capped)Included
Sensitive input names (password, token, nonce, etc.)RemovedRemovedIncluded
Enum values per inputCapped to 5Capped to 10Uncapped
Auth methods detailLimited to cookie and nonce methodsNormalized auth methodsFull auth metadata

Example Output Shape

{
  "tier": "public_standard",
  "actions": [
    { "type": "search", "risk": "low" },
    { "type": "contact_form", "risk": "medium" }
  ],
  "restricted_count": 5
}

Next: FAQ