Security
Choose what your agent can safely do
A generated API catalog is a starting point, not a production permission boundary. Astrail lets you choose exactly what agents see, explain when each tool should be used, and stop sensitive actions before an upstream request runs.
Implementation
Path to ship.
Guide
Exposure and permission are separate
Turn Expose to agents off when an operation should not exist in the agent's catalog. Hidden tools are removed from tools/list and direct calls to their mapped endpoints are rejected.
For exposed tools, Allow executes normally, Require approval pauses before provider access, and Block always refuses the call. Provider OAuth scopes still need to be least-privilege because runtime policy is an operational guardrail, not the provider's authorization system.
Guide
Teach the agent the business workflow
Shared context explains terminology and rules for the whole server. Tool-specific context says what the operation means, when it is the right choice, when another tool or a human is required, and which provider responses are easy to misread.
Do not paste credentials, tokens, or private customer records into context. Every caller allowed to initialize or list the server can receive it.
Guide
Export without dropping the safety decisions
The Worker bundle carries the curated catalog, business context, action policy, governance manifest, and production checklist. Private exports require a deployment bearer secret, and provider-authenticated tools stay on Astrail's hosted per-user OAuth runtime unless you build an equivalent reviewed credential adapter.
Standalone public REST execution is off by default. Enable it only for exact reviewed HTTPS origins and keep the generated Cloudflare strict-public routing flag in place.
FAQ
Common questions.
Does Apply safe defaults make every API safe automatically?
No. It gives you a conservative first pass. Review descriptions, provider scopes, business rules, and every state-changing action before production use.
What happens when I hide a tool?
It disappears from tools/list, its endpoint is removed from the callable map, and direct calls to that tool name fail before any provider request.
Can I self-host the export?
Yes. The bundle includes a Cloudflare Worker and Docker proxy path. Review the governance manifest and checklist, configure caller auth for private exports, and keep provider credentials in the hosted runtime unless you implement an equivalent secure vault.