{
  "name": "Mg Bot Personal Vault",
  "agent_mode": "vault-agent-v1",
  "version": "1.0",
  "entrypoints": {
    "vault_ui": "../index.php",
    "ai_workspace": "../ai-workspace.php",
    "doctor": "../doctor.php",
    "contacts": "../contacts.php",
    "api": "../api.php",
    "runtime_manifest": "../api.php?action=agent_manifest"
  },
  "session_policy": {
    "requires_authenticated_browser_session": true,
    "post_requests_require_csrf": true,
    "csrf_source": "window.APP_CONFIG.csrfToken"
  },
  "actions": [
    {
      "name": "agent_search",
      "method": "GET",
      "endpoint": "../api.php?action=agent_search",
      "description": "Search vault entries and return metadata plus available field names only."
    },
    {
      "name": "agent_get_field",
      "method": "POST",
      "endpoint": "../api.php",
      "body": {
        "action": "agent_get_field",
        "id": "vault entry id",
        "field": "field key or label",
        "confirm_reveal": "1 required for sensitive fields",
        "secret_word": "required for double-secure entries"
      }
    },
    {
      "name": "agent_totp",
      "method": "POST",
      "endpoint": "../api.php",
      "body": {
        "action": "agent_totp",
        "id": "vault entry id",
        "confirm_reveal": "1",
        "secret_word": "required for double-secure entries"
      }
    },
    {
      "name": "agent_send_discord",
      "method": "POST",
      "endpoint": "../api.php",
      "description": "Send the targeted vault treasure to the configured admin Discord webhook, using the same full treasure send function as the vault UI.",
      "body": {
        "action": "agent_send_discord",
        "id": "vault entry id",
        "confirm_send": "1 required when admin explicitly asks to send this treasure to Discord",
        "secret_word": "required for double-secure entries",
        "include_attachments": "optional 1 to include selected image/pdf fields",
        "attachment_ids": "optional JSON array of attachment ids"
      }
    },
    {
      "name": "agent_contacts_search",
      "method": "GET",
      "endpoint": "../api.php?action=agent_contacts_search",
      "description": "Search contacts and return metadata plus available field names only."
    },
    {
      "name": "agent_contact_get_field",
      "method": "POST",
      "endpoint": "../api.php",
      "body": {
        "action": "agent_contact_get_field",
        "id": "contact id",
        "field": "field key or label",
        "confirm_reveal": "1 required for sensitive contact fields"
      }
    },
    {
      "name": "agent_audit_recent",
      "method": "GET",
      "endpoint": "../api.php?action=agent_audit_recent",
      "description": "Read recent agent access audit rows for the signed-in user."
    }
  ],
  "security": {
    "search_returns_values": false,
    "sensitive_fields_require_explicit_confirm": true,
    "double_secure_entries_require_secret_word": true,
    "discord_send_requires_explicit_confirm": true,
    "agent_access_is_audited": true,
    "doctor_can_pause_agent_mode": true,
    "recommended_secret_delivery": "Prefer copying or filling fields in the browser instead of printing secrets into remote chats."
  }
}