@nordsym/apiclaw 1.5.8 → 1.5.9

package/HTTP-API.md

@@ -0,0 +1,306 @@
+# APIClaw HTTP API
+
+REST endpoints for headless agents (Hivr bees, webhooks, serverless functions).
+
+## 🚀 Quick Start
+
+**Start server:**
+```bash
+npx apiclaw-http --port 3000
+```
+
+**Or via npm:**
+```bash
+npm i -g @nordsym/apiclaw
+apiclaw-http
+```
+
+Server runs on `http://localhost:3000` by default.
+
+---
+
+## 📡 Endpoints
+
+### 1. Discover APIs
+
+Search for APIs by capability.
+
+**Request:**
+```http
+GET /api/discover?query=web+search&agentId=bytebee&category=Search&maxResults=5
+```
+
+**Parameters:**
+| Param | Required | Description |
+|-------|----------|-------------|
+| `query` | Yes | Search query (e.g., "web search", "send SMS") |
+| `agentId` | Yes | Your agent ID (must be whitelisted) |
+| `category` | No | Filter by category |
+| `maxResults` | No | Max results to return (default: 5) |
+
+**Response:**
+```json
+{
+  "success": true,
+  "query": "web search",
+  "results": [
+    {
+      "provider": {
+        "id": "brave_search",
+        "name": "Brave Search",
+        "category": "Search"
+      },
+      "score": 95,
+      "reasons": ["keyword: search", "capability: web search"]
+    }
+  ],
+  "count": 1,
+  "responseTimeMs": 12
+}
+```
+
+---
+
+### 2. Call API
+
+Execute an API call.
+
+**Request:**
+```http
+POST /api/call_api
+Content-Type: application/json
+
+{
+  "provider": "brave_search",
+  "action": "search",
+  "params": {
+    "query": "AI news",
+    "count": 5
+  },
+  "agentId": "bytebee"
+}
+```
+
+**Parameters:**
+| Field | Required | Description |
+|-------|----------|-------------|
+| `provider` | Yes | Provider ID (from discover results) |
+| `action` | Yes | Action to perform (e.g., "search", "send_sms") |
+| `params` | Yes | Action parameters (varies by provider) |
+| `agentId` | Yes | Your agent ID (must be whitelisted) |
+
+**Response (success):**
+```json
+{
+  "success": true,
+  "provider": "brave_search",
+  "action": "search",
+  "agentId": "bytebee",
+  "data": {
+    "results": [
+      {
+        "title": "Latest AI News",
+        "url": "https://example.com/ai-news",
+        "snippet": "..."
+      }
+    ]
+  },
+  "latencyMs": 234
+}
+```
+
+**Response (error):**
+```json
+{
+  "success": false,
+  "provider": "brave_search",
+  "action": "search",
+  "agentId": "bytebee",
+  "error": "Rate limit exceeded",
+  "latencyMs": 12
+}
+```
+
+---
+
+### 3. Health Check
+
+Check if server is running.
+
+**Request:**
+```http
+GET /health
+```
+
+**Response:**
+```json
+{
+  "status": "ok",
+  "service": "apiclaw-http-api"
+}
+```
+
+---
+
+## 🔐 Authentication
+
+**Hivr Bees Whitelist:**
+
+Access is restricted to whitelisted Hivr bees. The `agentId` parameter must match one of these:
+
+```
+bytebee, analyzerbee, buildbee, buzzwriter, hivemind, 
+hivesage, symbot, hivrqueen, marketmaven, reconbee, 
+sprintbee, quillbee
+```
+
+**Unauthorized response:**
+```json
+{
+  "error": "Unauthorized",
+  "message": "This endpoint is restricted to Hivr bees. Contact admin@nordsym.com for access."
+}
+```
+
+---
+
+## 📊 Usage Logging
+
+All API calls are logged to APIClaw analytics with:
+- Provider + action
+- Agent ID (e.g., `hivr:bytebee`)
+- Success/failure
+- Latency
+
+This enables usage tracking per Hivr bee.
+
+---
+
+## 🎯 Example: Web Search
+
+**1. Discover search APIs:**
+```bash
+curl "http://localhost:3000/api/discover?query=web+search&agentId=bytebee"
+```
+
+**2. Call Brave Search:**
+```bash
+curl -X POST http://localhost:3000/api/call_api \
+  -H "Content-Type: application/json" \
+  -d '{
+    "provider": "brave_search",
+    "action": "search",
+    "params": {
+      "query": "latest AI developments",
+      "count": 5
+    },
+    "agentId": "bytebee"
+  }'
+```
+
+---
+
+## 🌐 CORS
+
+CORS headers are set to allow cross-origin requests from anywhere:
+- `Access-Control-Allow-Origin: *`
+- `Access-Control-Allow-Methods: GET, POST, OPTIONS`
+- `Access-Control-Allow-Headers: Content-Type, X-Agent-Id`
+
+Safe for browser-based agents.
+
+---
+
+## 🚀 Deployment
+
+### Local Development
+```bash
+apiclaw-http --port 3000
+```
+
+### Production (systemd)
+```ini
+[Unit]
+Description=APIClaw HTTP API
+After=network.target
+
+[Service]
+Type=simple
+User=apiclaw
+WorkingDirectory=/opt/apiclaw
+ExecStart=/usr/bin/apiclaw-http --port 3000
+Restart=always
+Environment="PORT=3000"
+
+[Install]
+WantedBy=multi-user.target
+```
+
+### Docker
+```dockerfile
+FROM node:20
+RUN npm i -g @nordsym/apiclaw
+CMD ["apiclaw-http", "--port", "3000"]
+EXPOSE 3000
+```
+
+### Vercel (Serverless)
+See `landing/` directory for Next.js API routes wrapper.
+
+---
+
+## 🐝 Hivr Integration
+
+**In your Hivr bee instructions:**
+```markdown
+## APIClaw Access 🦞
+
+You have access to APIClaw via HTTP API.
+
+**Discover APIs:**
+GET https://apiclaw.nordsym.com/api/discover?query=web+search&agentId=YOUR_HANDLE
+
+**Call APIs:**
+POST https://apiclaw.nordsym.com/api/call_api
+Body: { provider: "brave_search", action: "search", params: {...}, agentId: "YOUR_HANDLE" }
+
+**Your agent ID:** Replace `YOUR_HANDLE` with your actual handle (e.g., "bytebee").
+```
+
+---
+
+## 📚 API Provider Reference
+
+See [apiclaw.nordsym.com/docs](https://apiclaw.nordsym.com/docs) for:
+- List of all 18 Direct Call providers
+- Available actions per provider
+- Parameter schemas
+- Rate limits & pricing
+
+---
+
+## 🔧 Development
+
+**Run from source:**
+```bash
+cd apiclaw
+npm run build
+node dist/bin-http.js --port 3000
+```
+
+**Watch mode:**
+```bash
+tsx watch src/bin-http.ts
+```
+
+---
+
+## ❓ Support
+
+- **Docs:** [apiclaw.nordsym.com/docs](https://apiclaw.nordsym.com/docs)
+- **Issues:** [github.com/nordsym/apiclaw/issues](https://github.com/nordsym/apiclaw/issues)
+- **Email:** admin@nordsym.com
+
+---
+
+MIT © [NordSym](https://nordsym.com)

package/dist/bin-http.d.ts

@@ -0,0 +1,7 @@
+#!/usr/bin/env node
+/**
+ * APIClaw HTTP API Server - Standalone executable
+ * Usage: apiclaw-http [--port 3000]
+ */
+export {};
+//# sourceMappingURL=bin-http.d.ts.map

package/dist/bin-http.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bin-http.d.ts","sourceRoot":"","sources":["../src/bin-http.ts"],"names":[],"mappings":";AACA;;;GAGG"}

package/dist/bin-http.js

@@ -0,0 +1,43 @@
+#!/usr/bin/env node
+/**
+ * APIClaw HTTP API Server - Standalone executable
+ * Usage: apiclaw-http [--port 3000]
+ */
+import { startHTTPServer } from './http-api.js';
+const args = process.argv.slice(2);
+let port = 3000;
+// Parse args
+for (let i = 0; i < args.length; i++) {
+    if (args[i] === '--port' || args[i] === '-p') {
+        port = parseInt(args[i + 1] || '3000');
+        i++;
+    }
+    else if (args[i] === '--help' || args[i] === '-h') {
+        console.log(`
+🦞 APIClaw HTTP API Server
+
+Usage:
+  apiclaw-http [options]
+
+Options:
+  --port, -p <port>    Port to listen on (default: 3000)
+  --help, -h           Show this help
+
+Examples:
+  apiclaw-http
+  apiclaw-http --port 8080
+
+Endpoints:
+  GET  /api/discover?query=...&agentId=...
+  POST /api/call_api
+       Body: { provider, action, params, agentId }
+  GET  /health
+
+Auth:
+  Whitelist-based for Hivr bees. Contact admin@nordsym.com for access.
+`);
+        process.exit(0);
+    }
+}
+startHTTPServer(port);
+//# sourceMappingURL=bin-http.js.map

package/dist/bin-http.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bin-http.js","sourceRoot":"","sources":["../src/bin-http.ts"],"names":[],"mappings":";AACA;;;GAGG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAEhD,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnC,IAAI,IAAI,GAAG,IAAI,CAAC;AAEhB,aAAa;AACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;IACrC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC;QACvC,CAAC,EAAE,CAAC;IACN,CAAC;SAAM,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;CAsBf,CAAC,CAAC;QACC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,eAAe,CAAC,IAAI,CAAC,CAAC"}

package/dist/http-api.d.ts

@@ -0,0 +1,16 @@
+/**
+ * APIClaw HTTP API Server
+ * Provides REST endpoints for headless agents (Hivr bees, webhooks, etc)
+ *
+ * Endpoints:
+ * - GET  /api/discover?query=...&agentId=...
+ * - POST /api/call_api { provider, action, params, agentId }
+ * - GET  /health
+ *
+ * Auth: Whitelist-based for Hivr bees
+ */
+/**
+ * Start HTTP server
+ */
+export declare function startHTTPServer(port?: number): void;
+//# sourceMappingURL=http-api.d.ts.map

package/dist/http-api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"http-api.d.ts","sourceRoot":"","sources":["../src/http-api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAwQH;;GAEG;AACH,wBAAgB,eAAe,CAAC,IAAI,GAAE,MAAa,GAAG,IAAI,CAwBzD"}

package/dist/http-api.js

@@ -0,0 +1,269 @@
+/**
+ * APIClaw HTTP API Server
+ * Provides REST endpoints for headless agents (Hivr bees, webhooks, etc)
+ *
+ * Endpoints:
+ * - GET  /api/discover?query=...&agentId=...
+ * - POST /api/call_api { provider, action, params, agentId }
+ * - GET  /health
+ *
+ * Auth: Whitelist-based for Hivr bees
+ */
+import { createServer } from 'http';
+import { URL } from 'url';
+import { discoverAPIs } from './discovery.js';
+import { isOpenAPI, executeOpenAPI } from './open-apis.js';
+import { executeMetered } from './metered.js';
+import { logAPICall } from './analytics.js';
+// Hivr bees whitelist - these agents get free unlimited access
+const HIVR_BEES_WHITELIST = [
+    'bytebee',
+    'analyzerbee',
+    'buildbee',
+    'buzzwriter',
+    'hivemind',
+    'hivesage',
+    'symbot',
+    'hivrqueen',
+    'marketmaven',
+    'reconbee',
+    'sprintbee',
+    'quillbee',
+    // Add more as Hivr grows
+];
+/**
+ * Check if agent is authorized (Hivr bee)
+ */
+function isAuthorized(agentId) {
+    if (!agentId)
+        return false;
+    const normalized = agentId.toLowerCase().trim();
+    return HIVR_BEES_WHITELIST.includes(normalized);
+}
+/**
+ * Parse JSON body from request
+ */
+async function parseBody(req) {
+    return new Promise((resolve, reject) => {
+        let body = '';
+        req.on('data', chunk => body += chunk.toString());
+        req.on('end', () => {
+            try {
+                resolve(JSON.parse(body));
+            }
+            catch (e) {
+                reject(new Error('Invalid JSON'));
+            }
+        });
+        req.on('error', reject);
+    });
+}
+/**
+ * Send JSON response
+ */
+function sendJSON(res, status, data) {
+    res.writeHead(status, {
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*',
+        'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+        'Access-Control-Allow-Headers': 'Content-Type, X-Agent-Id',
+    });
+    res.end(JSON.stringify(data));
+}
+/**
+ * Handle /api/discover
+ * GET /api/discover?query=web+search&agentId=bytebee&category=Search&maxResults=5
+ */
+async function handleDiscover(req, res, url) {
+    const query = url.searchParams.get('query');
+    const agentId = url.searchParams.get('agentId');
+    const category = url.searchParams.get('category') || undefined;
+    const maxResults = parseInt(url.searchParams.get('maxResults') || '5');
+    if (!query) {
+        sendJSON(res, 400, { error: 'Missing query parameter' });
+        return;
+    }
+    if (!isAuthorized(agentId || undefined)) {
+        sendJSON(res, 403, {
+            error: 'Unauthorized',
+            message: 'This endpoint is restricted to Hivr bees. Contact admin@nordsym.com for access.',
+        });
+        return;
+    }
+    const startTime = Date.now();
+    const results = discoverAPIs(query, { category, maxResults });
+    const responseTimeMs = Date.now() - startTime;
+    // Log to analytics
+    logAPICall({
+        timestamp: new Date().toISOString(),
+        provider: 'apiclaw_discovery',
+        action: 'discover',
+        type: 'open',
+        userId: `hivr:${agentId}`,
+        success: true,
+        latencyMs: responseTimeMs,
+    });
+    sendJSON(res, 200, {
+        success: true,
+        query,
+        results: results.map(r => ({
+            provider: r.provider,
+            score: r.relevance_score,
+            reasons: r.match_reasons,
+        })),
+        count: results.length,
+        responseTimeMs,
+    });
+}
+/**
+ * Handle /api/call_api
+ * POST /api/call_api
+ * Body: { provider: "brave_search", action: "search", params: { query: "AI news" }, agentId: "bytebee" }
+ */
+async function handleCallAPI(req, res) {
+    let body;
+    try {
+        body = await parseBody(req);
+    }
+    catch (e) {
+        sendJSON(res, 400, { error: 'Invalid JSON body' });
+        return;
+    }
+    const { provider, action, params, agentId } = body;
+    if (!provider || !action || !params || !agentId) {
+        sendJSON(res, 400, {
+            error: 'Missing required fields',
+            required: ['provider', 'action', 'params', 'agentId']
+        });
+        return;
+    }
+    if (!isAuthorized(agentId)) {
+        sendJSON(res, 403, {
+            error: 'Unauthorized',
+            message: 'This endpoint is restricted to Hivr bees. Contact admin@nordsym.com for access.',
+        });
+        return;
+    }
+    const startTime = Date.now();
+    let result;
+    let apiType;
+    let success = true;
+    let error;
+    try {
+        if (isOpenAPI(provider)) {
+            apiType = 'open';
+            result = await executeOpenAPI(provider, action, params);
+            success = result.success;
+            error = result.error;
+        }
+        else {
+            apiType = 'direct';
+            // For Direct Call APIs, use Hivr's workspace/credentials
+            // TODO: Get Hivr workspace token from env or config
+            const customerKey = process.env.APICLAW_HIVR_CUSTOMER_KEY;
+            const stripeCustomerId = process.env.APICLAW_HIVR_STRIPE_CUSTOMER;
+            result = await executeMetered(provider, action, params, {
+                customerId: stripeCustomerId,
+                customerKey,
+                userId: `hivr:${agentId}`,
+            });
+            success = result.success;
+            error = result.error;
+        }
+    }
+    catch (e) {
+        success = false;
+        error = e.message;
+        result = { success: false, error: error };
+    }
+    const latencyMs = Date.now() - startTime;
+    // Log to analytics
+    logAPICall({
+        timestamp: new Date().toISOString(),
+        provider,
+        action,
+        type: apiType,
+        userId: `hivr:${agentId}`,
+        success,
+        latencyMs,
+        error,
+    });
+    sendJSON(res, success ? 200 : 500, {
+        success,
+        provider,
+        action,
+        agentId,
+        data: result.data,
+        error: result.error,
+        latencyMs,
+    });
+}
+/**
+ * Handle OPTIONS (CORS preflight)
+ */
+function handleOptions(res) {
+    res.writeHead(204, {
+        'Access-Control-Allow-Origin': '*',
+        'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+        'Access-Control-Allow-Headers': 'Content-Type, X-Agent-Id',
+        'Access-Control-Max-Age': '86400',
+    });
+    res.end();
+}
+/**
+ * Main request handler
+ */
+async function handleRequest(req, res) {
+    const url = new URL(req.url || '/', `http://${req.headers.host}`);
+    console.log(`[APIClaw HTTP] ${req.method} ${url.pathname}`);
+    // CORS preflight
+    if (req.method === 'OPTIONS') {
+        handleOptions(res);
+        return;
+    }
+    // Health check
+    if (url.pathname === '/health') {
+        sendJSON(res, 200, { status: 'ok', service: 'apiclaw-http-api' });
+        return;
+    }
+    // Route requests
+    if (url.pathname === '/api/discover' && req.method === 'GET') {
+        await handleDiscover(req, res, url);
+        return;
+    }
+    if (url.pathname === '/api/call_api' && req.method === 'POST') {
+        await handleCallAPI(req, res);
+        return;
+    }
+    // 404
+    sendJSON(res, 404, { error: 'Not found' });
+}
+/**
+ * Start HTTP server
+ */
+export function startHTTPServer(port = 3000) {
+    const server = createServer(async (req, res) => {
+        try {
+            await handleRequest(req, res);
+        }
+        catch (error) {
+            console.error('[APIClaw HTTP] Error:', error);
+            sendJSON(res, 500, { error: 'Internal server error', message: error.message });
+        }
+    });
+    server.listen(port, () => {
+        console.log(`\n🦞 APIClaw HTTP API running on http://localhost:${port}`);
+        console.log(`   GET  /api/discover?query=...&agentId=...`);
+        console.log(`   POST /api/call_api`);
+        console.log(`   GET  /health\n`);
+    });
+    server.on('error', (error) => {
+        if (error.code === 'EADDRINUSE') {
+            console.error(`[APIClaw HTTP] Port ${port} is already in use`);
+        }
+        else {
+            console.error('[APIClaw HTTP] Server error:', error);
+        }
+    });
+}
+//# sourceMappingURL=http-api.js.map

package/dist/http-api.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http-api.js","sourceRoot":"","sources":["../src/http-api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,YAAY,EAAmC,MAAM,MAAM,CAAC;AACrE,OAAO,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC;AAC1B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAG5C,+DAA+D;AAC/D,MAAM,mBAAmB,GAAG;IAC1B,SAAS;IACT,aAAa;IACb,UAAU;IACV,YAAY;IACZ,UAAU;IACV,UAAU;IACV,QAAQ;IACR,WAAW;IACX,aAAa;IACb,UAAU;IACV,WAAW;IACX,UAAU;IACV,yBAAyB;CAC1B,CAAC;AASF;;GAEG;AACH,SAAS,YAAY,CAAC,OAA2B;IAC/C,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC;IAC3B,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC;IAChD,OAAO,mBAAmB,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,SAAS,CAAI,GAAoB;IAC9C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAClD,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YACjB,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC;YACpC,CAAC;QACH,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,GAAmB,EAAE,MAAc,EAAE,IAAS;IAC9D,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE;QACpB,cAAc,EAAE,kBAAkB;QAClC,6BAA6B,EAAE,GAAG;QAClC,8BAA8B,EAAE,oBAAoB;QACpD,8BAA8B,EAAE,0BAA0B;KAC3D,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;AAChC,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,cAAc,CAAC,GAAoB,EAAE,GAAmB,EAAE,GAAQ;IAC/E,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,OAAO,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;IAC/D,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,CAAC;IAEvE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,yBAAyB,EAAE,CAAC,CAAC;QACzD,OAAO;IACT,CAAC;IAED,IAAI,CAAC,YAAY,CAAC,OAAO,IAAI,SAAS,CAAC,EAAE,CAAC;QACxC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;YACjB,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,iFAAiF;SAC3F,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;IAC9D,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAE9C,mBAAmB;IACnB,UAAU,CAAC;QACT,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,QAAQ,EAAE,mBAAmB;QAC7B,MAAM,EAAE,UAAU;QAClB,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,QAAQ,OAAO,EAAE;QACzB,OAAO,EAAE,IAAI;QACb,SAAS,EAAE,cAAc;KAC1B,CAAC,CAAC;IAEH,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;QACjB,OAAO,EAAE,IAAI;QACb,KAAK;QACL,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACzB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,eAAe;YACxB,OAAO,EAAE,CAAC,CAAC,aAAa;SACzB,CAAC,CAAC;QACH,KAAK,EAAE,OAAO,CAAC,MAAM;QACrB,cAAc;KACf,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,aAAa,CAAC,GAAoB,EAAE,GAAmB;IACpE,IAAI,IAAgB,CAAC;IAErB,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,SAAS,CAAa,GAAG,CAAC,CAAC;IAC1C,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;QACnD,OAAO;IACT,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;IAEnD,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QAChD,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;YACjB,KAAK,EAAE,yBAAyB;YAChC,QAAQ,EAAE,CAAC,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC;SACtD,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;YACjB,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,iFAAiF;SAC3F,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,IAAI,MAAW,CAAC;IAChB,IAAI,OAA0B,CAAC;IAC/B,IAAI,OAAO,GAAG,IAAI,CAAC;IACnB,IAAI,KAAyB,CAAC;IAE9B,IAAI,CAAC;QACH,IAAI,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxB,OAAO,GAAG,MAAM,CAAC;YACjB,MAAM,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;YACxD,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;YACzB,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,QAAQ,CAAC;YACnB,yDAAyD;YACzD,oDAAoD;YACpD,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC;YAC1D,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC;YAElE,MAAM,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE;gBACtD,UAAU,EAAE,gBAAgB;gBAC5B,WAAW;gBACX,MAAM,EAAE,QAAQ,OAAO,EAAE;aAC1B,CAAC,CAAC;YACH,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;YACzB,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QACvB,CAAC;IACH,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,GAAG,KAAK,CAAC;QAChB,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC;QAClB,MAAM,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAEzC,mBAAmB;IACnB,UAAU,CAAC;QACT,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,QAAQ;QACR,MAAM;QACN,IAAI,EAAE,OAAQ;QACd,MAAM,EAAE,QAAQ,OAAO,EAAE;QACzB,OAAO;QACP,SAAS;QACT,KAAK;KACN,CAAC,CAAC;IAEH,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE;QACjC,OAAO;QACP,QAAQ;QACR,MAAM;QACN,OAAO;QACP,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,SAAS;KACV,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,GAAmB;IACxC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;QACjB,6BAA6B,EAAE,GAAG;QAClC,8BAA8B,EAAE,oBAAoB;QACpD,8BAA8B,EAAE,0BAA0B;QAC1D,wBAAwB,EAAE,OAAO;KAClC,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,EAAE,CAAC;AACZ,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAAC,GAAoB,EAAE,GAAmB;IACpE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,UAAU,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAElE,OAAO,CAAC,GAAG,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;IAE5D,iBAAiB;IACjB,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QAC7B,aAAa,CAAC,GAAG,CAAC,CAAC;QACnB,OAAO;IACT,CAAC;IAED,eAAe;IACf,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC/B,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAClE,OAAO;IACT,CAAC;IAED,iBAAiB;IACjB,IAAI,GAAG,CAAC,QAAQ,KAAK,eAAe,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QAC7D,MAAM,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACpC,OAAO;IACT,CAAC;IAED,IAAI,GAAG,CAAC,QAAQ,KAAK,eAAe,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC9D,MAAM,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC9B,OAAO;IACT,CAAC;IAED,MAAM;IACN,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,OAAe,IAAI;IACjD,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QAC7C,IAAI,CAAC;YACH,MAAM,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAChC,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAC;YAC9C,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,uBAAuB,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACjF,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;QACvB,OAAO,CAAC,GAAG,CAAC,qDAAqD,IAAI,EAAE,CAAC,CAAC;QACzE,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAU,EAAE,EAAE;QAChC,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YAChC,OAAO,CAAC,KAAK,CAAC,uBAAuB,IAAI,oBAAoB,CAAC,CAAC;QACjE,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;QACvD,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC"}

package/landing/src/app/layout.tsx

@@ -5,7 +5,7 @@ import statsData from "@/lib/stats.json";
 
 export const metadata: Metadata = {
   title: "APIClaw | The API Layer for AI Agents",
-  description: `Agents discover and evaluate APIs via MCP. Structured data. Ranked results. ${statsData.apiCount.toLocaleString()}+ APIs across ${statsData.categoryCount}+ categories.`,
+  description: `Your agent's API encyclopedia. Search by capability, call instantly. ${statsData.apiCount.toLocaleString()} APIs indexed • ${statsData.openApiCount.toLocaleString()} Open APIs • ${statsData.directCallCount} Direct Call • MCP native`,
   metadataBase: new URL("https://apiclaw.nordsym.com"),
   icons: {
     icon: [
@@ -18,7 +18,7 @@ export const metadata: Metadata = {
   },
   openGraph: {
     title: "APIClaw | The API Layer for AI Agents",
-    description: `${statsData.apiCount.toLocaleString()}+ APIs. MCP native. Direct Call: providers self-serve their APIs for AI agents.`,
+    description: `Your agent's API encyclopedia. Search by capability, call instantly. ${statsData.apiCount.toLocaleString()} APIs indexed • ${statsData.openApiCount.toLocaleString()} Open APIs • ${statsData.directCallCount} Direct Call • MCP native`,
     type: "website",
     siteName: "APIClaw",
     locale: "en_US",
@@ -34,7 +34,7 @@ export const metadata: Metadata = {
   twitter: {
     card: "summary_large_image",
     title: "APIClaw | The API Layer for AI Agents",
-    description: `Agents discover and evaluate APIs via MCP. ${statsData.apiCount.toLocaleString()}+ APIs. MCP native.`,
+    description: `Your agent's API encyclopedia. Search by capability, call instantly. ${statsData.apiCount.toLocaleString()} APIs indexed • ${statsData.openApiCount.toLocaleString()} Open APIs • ${statsData.directCallCount} Direct Call • MCP native`,
     images: ["/api/og"],
     creator: "@nordsym",
   },
@@ -51,7 +51,7 @@ const schemaOrg = {
       "@type": "WebSite",
       "name": "APIClaw",
       "url": "https://apiclaw.nordsym.com",
-      "description": "The API layer for AI agents. Discover and call APIs via MCP with structured data and ranked results."
+      "description": "Your agent's API encyclopedia. Search by capability, call instantly. 22,392 APIs indexed • 1,636 Open APIs • 18 Direct Call • MCP native"
     },
     {
       "@type": "Organization",
@@ -63,7 +63,7 @@ const schemaOrg = {
       "name": "APIClaw",
       "applicationCategory": "DeveloperApplication",
       "operatingSystem": "Web",
-      "description": "API discovery and execution layer for AI agents. 22,000+ APIs indexed. MCP native. Direct Call providers.",
+      "description": "The API layer for AI agents. 22,392 APIs indexed, 1,636 Open APIs, 18 Direct Call providers. MCP native.",
       "offers": {
         "@type": "Offer",
         "price": "0",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nordsym/apiclaw",
-  "version": "1.5.8",
+  "version": "1.5.9",
   "description": "The API layer for AI agents. Dashboard + 22K APIs + 18 Direct Call providers. MCP native.",
   "type": "module",
   "main": "dist/index.js",
@@ -81,6 +81,7 @@
     "typescript": "^5.3.0"
   },
   "bin": {
-    "apiclaw": "./dist/bin.js"
+    "apiclaw": "./dist/bin.js",
+    "apiclaw-http": "./dist/bin-http.js"
   }
 }

package/src/bin-http.ts

@@ -0,0 +1,45 @@
+#!/usr/bin/env node
+/**
+ * APIClaw HTTP API Server - Standalone executable
+ * Usage: apiclaw-http [--port 3000]
+ */
+
+import { startHTTPServer } from './http-api.js';
+
+const args = process.argv.slice(2);
+let port = 3000;
+
+// Parse args
+for (let i = 0; i < args.length; i++) {
+  if (args[i] === '--port' || args[i] === '-p') {
+    port = parseInt(args[i + 1] || '3000');
+    i++;
+  } else if (args[i] === '--help' || args[i] === '-h') {
+    console.log(`
+🦞 APIClaw HTTP API Server
+
+Usage:
+  apiclaw-http [options]
+
+Options:
+  --port, -p <port>    Port to listen on (default: 3000)
+  --help, -h           Show this help
+
+Examples:
+  apiclaw-http
+  apiclaw-http --port 8080
+
+Endpoints:
+  GET  /api/discover?query=...&agentId=...
+  POST /api/call_api
+       Body: { provider, action, params, agentId }
+  GET  /health
+
+Auth:
+  Whitelist-based for Hivr bees. Contact admin@nordsym.com for access.
+`);
+    process.exit(0);
+  }
+}
+
+startHTTPServer(port);

package/src/http-api.ts

@@ -0,0 +1,302 @@
+/**
+ * APIClaw HTTP API Server
+ * Provides REST endpoints for headless agents (Hivr bees, webhooks, etc)
+ * 
+ * Endpoints:
+ * - GET  /api/discover?query=...&agentId=...
+ * - POST /api/call_api { provider, action, params, agentId }
+ * - GET  /health
+ * 
+ * Auth: Whitelist-based for Hivr bees
+ */
+
+import { createServer, IncomingMessage, ServerResponse } from 'http';
+import { URL } from 'url';
+import { discoverAPIs } from './discovery.js';
+import { isOpenAPI, executeOpenAPI } from './open-apis.js';
+import { executeMetered } from './metered.js';
+import { logAPICall } from './analytics.js';
+import { getMachineFingerprint } from './session.js';
+
+// Hivr bees whitelist - these agents get free unlimited access
+const HIVR_BEES_WHITELIST = [
+  'bytebee',
+  'analyzerbee',
+  'buildbee',
+  'buzzwriter',
+  'hivemind',
+  'hivesage',
+  'symbot',
+  'hivrqueen',
+  'marketmaven',
+  'reconbee',
+  'sprintbee',
+  'quillbee',
+  // Add more as Hivr grows
+];
+
+interface APIRequest {
+  provider: string;
+  action: string;
+  params: Record<string, any>;
+  agentId: string;
+}
+
+/**
+ * Check if agent is authorized (Hivr bee)
+ */
+function isAuthorized(agentId: string | undefined): boolean {
+  if (!agentId) return false;
+  const normalized = agentId.toLowerCase().trim();
+  return HIVR_BEES_WHITELIST.includes(normalized);
+}
+
+/**
+ * Parse JSON body from request
+ */
+async function parseBody<T>(req: IncomingMessage): Promise<T> {
+  return new Promise((resolve, reject) => {
+    let body = '';
+    req.on('data', chunk => body += chunk.toString());
+    req.on('end', () => {
+      try {
+        resolve(JSON.parse(body));
+      } catch (e) {
+        reject(new Error('Invalid JSON'));
+      }
+    });
+    req.on('error', reject);
+  });
+}
+
+/**
+ * Send JSON response
+ */
+function sendJSON(res: ServerResponse, status: number, data: any): void {
+  res.writeHead(status, {
+    'Content-Type': 'application/json',
+    'Access-Control-Allow-Origin': '*',
+    'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+    'Access-Control-Allow-Headers': 'Content-Type, X-Agent-Id',
+  });
+  res.end(JSON.stringify(data));
+}
+
+/**
+ * Handle /api/discover
+ * GET /api/discover?query=web+search&agentId=bytebee&category=Search&maxResults=5
+ */
+async function handleDiscover(req: IncomingMessage, res: ServerResponse, url: URL): Promise<void> {
+  const query = url.searchParams.get('query');
+  const agentId = url.searchParams.get('agentId');
+  const category = url.searchParams.get('category') || undefined;
+  const maxResults = parseInt(url.searchParams.get('maxResults') || '5');
+  
+  if (!query) {
+    sendJSON(res, 400, { error: 'Missing query parameter' });
+    return;
+  }
+  
+  if (!isAuthorized(agentId || undefined)) {
+    sendJSON(res, 403, { 
+      error: 'Unauthorized', 
+      message: 'This endpoint is restricted to Hivr bees. Contact admin@nordsym.com for access.',
+    });
+    return;
+  }
+  
+  const startTime = Date.now();
+  const results = discoverAPIs(query, { category, maxResults });
+  const responseTimeMs = Date.now() - startTime;
+  
+  // Log to analytics
+  logAPICall({
+    timestamp: new Date().toISOString(),
+    provider: 'apiclaw_discovery',
+    action: 'discover',
+    type: 'open',
+    userId: `hivr:${agentId}`,
+    success: true,
+    latencyMs: responseTimeMs,
+  });
+  
+  sendJSON(res, 200, {
+    success: true,
+    query,
+    results: results.map(r => ({
+      provider: r.provider,
+      score: r.relevance_score,
+      reasons: r.match_reasons,
+    })),
+    count: results.length,
+    responseTimeMs,
+  });
+}
+
+/**
+ * Handle /api/call_api
+ * POST /api/call_api
+ * Body: { provider: "brave_search", action: "search", params: { query: "AI news" }, agentId: "bytebee" }
+ */
+async function handleCallAPI(req: IncomingMessage, res: ServerResponse): Promise<void> {
+  let body: APIRequest;
+  
+  try {
+    body = await parseBody<APIRequest>(req);
+  } catch (e) {
+    sendJSON(res, 400, { error: 'Invalid JSON body' });
+    return;
+  }
+  
+  const { provider, action, params, agentId } = body;
+  
+  if (!provider || !action || !params || !agentId) {
+    sendJSON(res, 400, { 
+      error: 'Missing required fields', 
+      required: ['provider', 'action', 'params', 'agentId'] 
+    });
+    return;
+  }
+  
+  if (!isAuthorized(agentId)) {
+    sendJSON(res, 403, { 
+      error: 'Unauthorized', 
+      message: 'This endpoint is restricted to Hivr bees. Contact admin@nordsym.com for access.',
+    });
+    return;
+  }
+  
+  const startTime = Date.now();
+  let result: any;
+  let apiType: 'open' | 'direct';
+  let success = true;
+  let error: string | undefined;
+  
+  try {
+    if (isOpenAPI(provider)) {
+      apiType = 'open';
+      result = await executeOpenAPI(provider, action, params);
+      success = result.success;
+      error = result.error;
+    } else {
+      apiType = 'direct';
+      // For Direct Call APIs, use Hivr's workspace/credentials
+      // TODO: Get Hivr workspace token from env or config
+      const customerKey = process.env.APICLAW_HIVR_CUSTOMER_KEY;
+      const stripeCustomerId = process.env.APICLAW_HIVR_STRIPE_CUSTOMER;
+      
+      result = await executeMetered(provider, action, params, {
+        customerId: stripeCustomerId,
+        customerKey,
+        userId: `hivr:${agentId}`,
+      });
+      success = result.success;
+      error = result.error;
+    }
+  } catch (e: any) {
+    success = false;
+    error = e.message;
+    result = { success: false, error: error };
+  }
+  
+  const latencyMs = Date.now() - startTime;
+  
+  // Log to analytics
+  logAPICall({
+    timestamp: new Date().toISOString(),
+    provider,
+    action,
+    type: apiType!,
+    userId: `hivr:${agentId}`,
+    success,
+    latencyMs,
+    error,
+  });
+  
+  sendJSON(res, success ? 200 : 500, {
+    success,
+    provider,
+    action,
+    agentId,
+    data: result.data,
+    error: result.error,
+    latencyMs,
+  });
+}
+
+/**
+ * Handle OPTIONS (CORS preflight)
+ */
+function handleOptions(res: ServerResponse): void {
+  res.writeHead(204, {
+    'Access-Control-Allow-Origin': '*',
+    'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+    'Access-Control-Allow-Headers': 'Content-Type, X-Agent-Id',
+    'Access-Control-Max-Age': '86400',
+  });
+  res.end();
+}
+
+/**
+ * Main request handler
+ */
+async function handleRequest(req: IncomingMessage, res: ServerResponse): Promise<void> {
+  const url = new URL(req.url || '/', `http://${req.headers.host}`);
+  
+  console.log(`[APIClaw HTTP] ${req.method} ${url.pathname}`);
+  
+  // CORS preflight
+  if (req.method === 'OPTIONS') {
+    handleOptions(res);
+    return;
+  }
+  
+  // Health check
+  if (url.pathname === '/health') {
+    sendJSON(res, 200, { status: 'ok', service: 'apiclaw-http-api' });
+    return;
+  }
+  
+  // Route requests
+  if (url.pathname === '/api/discover' && req.method === 'GET') {
+    await handleDiscover(req, res, url);
+    return;
+  }
+  
+  if (url.pathname === '/api/call_api' && req.method === 'POST') {
+    await handleCallAPI(req, res);
+    return;
+  }
+  
+  // 404
+  sendJSON(res, 404, { error: 'Not found' });
+}
+
+/**
+ * Start HTTP server
+ */
+export function startHTTPServer(port: number = 3000): void {
+  const server = createServer(async (req, res) => {
+    try {
+      await handleRequest(req, res);
+    } catch (error: any) {
+      console.error('[APIClaw HTTP] Error:', error);
+      sendJSON(res, 500, { error: 'Internal server error', message: error.message });
+    }
+  });
+  
+  server.listen(port, () => {
+    console.log(`\n🦞 APIClaw HTTP API running on http://localhost:${port}`);
+    console.log(`   GET  /api/discover?query=...&agentId=...`);
+    console.log(`   POST /api/call_api`);
+    console.log(`   GET  /health\n`);
+  });
+  
+  server.on('error', (error: any) => {
+    if (error.code === 'EADDRINUSE') {
+      console.error(`[APIClaw HTTP] Port ${port} is already in use`);
+    } else {
+      console.error('[APIClaw HTTP] Server error:', error);
+    }
+  });
+}