hive-skills 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +28 -0
- package/README.md +235 -0
- package/assets/LICENSE +32 -0
- package/assets/THIRD_PARTY_NOTICES.md +72 -0
- package/assets/manifest.json +1290 -0
- package/assets/skills/authored/code-review/composable/BUNDLE.md +192 -0
- package/assets/skills/authored/code-review/composable/INDEX.md +13 -0
- package/assets/skills/authored/code-review/composable/VERSION +1 -0
- package/assets/skills/authored/code-review/composable/mini/01-review-method.md +34 -0
- package/assets/skills/authored/code-review/composable/mini/02-security-review.md +20 -0
- package/assets/skills/authored/code-review/composable/mini/03-correctness-bugs.md +19 -0
- package/assets/skills/authored/code-review/composable/mini/04-concurrency.md +16 -0
- package/assets/skills/authored/code-review/composable/mini/05-error-handling.md +12 -0
- package/assets/skills/authored/code-review/composable/mini/06-performance.md +11 -0
- package/assets/skills/authored/code-review/composable/mini/07-api-design.md +20 -0
- package/assets/skills/authored/code-review/composable/mini/08-missing-tests.md +25 -0
- package/assets/skills/authored/code-review/composable/mini/09-refactoring-and-communication.md +32 -0
- package/assets/skills/authored/data-analysis/composable/BUNDLE.md +186 -0
- package/assets/skills/authored/data-analysis/composable/INDEX.md +13 -0
- package/assets/skills/authored/data-analysis/composable/VERSION +1 -0
- package/assets/skills/authored/data-analysis/composable/mini/01-data-quality-profiling.md +26 -0
- package/assets/skills/authored/data-analysis/composable/mini/02-aggregation-pitfalls.md +21 -0
- package/assets/skills/authored/data-analysis/composable/mini/03-time-series.md +19 -0
- package/assets/skills/authored/data-analysis/composable/mini/04-segmentation.md +23 -0
- package/assets/skills/authored/data-analysis/composable/mini/05-discount-pricing.md +17 -0
- package/assets/skills/authored/data-analysis/composable/mini/06-insight-generation.md +25 -0
- package/assets/skills/authored/data-analysis/composable/mini/07-executive-writing.md +26 -0
- package/assets/skills/authored/data-analysis/composable/mini/08-recommendations.md +20 -0
- package/assets/skills/authored/data-analysis/composable/mini/09-reproducibility-assumptions.md +20 -0
- package/assets/skills/authored/financial-analysis/composable/BUNDLE.md +1293 -0
- package/assets/skills/authored/financial-analysis/composable/INDEX.md +17 -0
- package/assets/skills/authored/financial-analysis/composable/VERSION +1 -0
- package/assets/skills/authored/financial-analysis/composable/mini/00-core.md +69 -0
- package/assets/skills/authored/financial-analysis/composable/mini/01-profitability-efficiency-ratios.md +173 -0
- package/assets/skills/authored/financial-analysis/composable/mini/02-liquidity-leverage-ratios.md +120 -0
- package/assets/skills/authored/financial-analysis/composable/mini/03-valuation-ratios-interpretation.md +107 -0
- package/assets/skills/authored/financial-analysis/composable/mini/04-dcf-projection-wacc.md +122 -0
- package/assets/skills/authored/financial-analysis/composable/mini/05-dcf-terminal-value-sensitivity.md +75 -0
- package/assets/skills/authored/financial-analysis/composable/mini/06-comparables-precedents.md +78 -0
- package/assets/skills/authored/financial-analysis/composable/mini/07-budget-variance-analysis.md +47 -0
- package/assets/skills/authored/financial-analysis/composable/mini/08-driver-based-forecasting-scenarios.md +111 -0
- package/assets/skills/authored/financial-analysis/composable/mini/09-rolling-forecasts-accuracy.md +114 -0
- package/assets/skills/authored/financial-analysis/composable/mini/10-reporting-exec-summary.md +58 -0
- package/assets/skills/authored/financial-analysis/composable/mini/11-industry-adaptations.md +130 -0
- package/assets/skills/authored/financial-analysis/composable/mini/12-toolkit-scripts-io.md +102 -0
- package/assets/skills/authored/python-api/composable/BUNDLE.md +389 -0
- package/assets/skills/authored/python-api/composable/INDEX.md +13 -0
- package/assets/skills/authored/python-api/composable/VERSION +1 -0
- package/assets/skills/authored/python-api/composable/mini/01-project-structure.md +44 -0
- package/assets/skills/authored/python-api/composable/mini/02-routing-and-app.md +38 -0
- package/assets/skills/authored/python-api/composable/mini/03-pydantic-models.md +45 -0
- package/assets/skills/authored/python-api/composable/mini/04-validation-and-errors.md +59 -0
- package/assets/skills/authored/python-api/composable/mini/05-dependencies-and-auth.md +60 -0
- package/assets/skills/authored/python-api/composable/mini/06-pagination-filtering.md +44 -0
- package/assets/skills/authored/python-api/composable/mini/07-async-performance.md +30 -0
- package/assets/skills/authored/python-api/composable/mini/08-testing.md +45 -0
- package/assets/skills/authored/python-api/composable/mini/09-middleware-observability.md +29 -0
- package/assets/skills/authored/tech-writing/composable/BUNDLE.md +220 -0
- package/assets/skills/authored/tech-writing/composable/INDEX.md +12 -0
- package/assets/skills/authored/tech-writing/composable/VERSION +1 -0
- package/assets/skills/authored/tech-writing/composable/mini/01-audience-analysis.md +26 -0
- package/assets/skills/authored/tech-writing/composable/mini/02-document-types.md +27 -0
- package/assets/skills/authored/tech-writing/composable/mini/03-readme-quickstart-changelog.md +22 -0
- package/assets/skills/authored/tech-writing/composable/mini/04-information-architecture.md +21 -0
- package/assets/skills/authored/tech-writing/composable/mini/05-style-clarity.md +29 -0
- package/assets/skills/authored/tech-writing/composable/mini/06-breaking-changes-migrations.md +33 -0
- package/assets/skills/authored/tech-writing/composable/mini/07-troubleshooting-security.md +30 -0
- package/assets/skills/authored/tech-writing/composable/mini/08-faq-voice-tone.md +32 -0
- package/assets/skills/converted/claude-api/composable/BUNDLE.md +14996 -0
- package/assets/skills/converted/claude-api/composable/INDEX.md +98 -0
- package/assets/skills/converted/claude-api/composable/VERSION +1 -0
- package/assets/skills/converted/claude-api/composable/mini/00-core.md +235 -0
- package/assets/skills/converted/claude-api/composable/mini/01-model-api-quick-reference.md +258 -0
- package/assets/skills/converted/claude-api/composable/mini/02-common-pitfalls.md +42 -0
- package/assets/skills/converted/claude-api/composable/mini/10-models.md +135 -0
- package/assets/skills/converted/claude-api/composable/mini/11-platform-availability.md +96 -0
- package/assets/skills/converted/claude-api/composable/mini/12-claude-platform-on-aws.md +59 -0
- package/assets/skills/converted/claude-api/composable/mini/13-live-sources.md +143 -0
- package/assets/skills/converted/claude-api/composable/mini/14-error-codes.md +256 -0
- package/assets/skills/converted/claude-api/composable/mini/15-prompt-caching.md +223 -0
- package/assets/skills/converted/claude-api/composable/mini/16-token-counting.md +56 -0
- package/assets/skills/converted/claude-api/composable/mini/17-tool-use-concepts.md +444 -0
- package/assets/skills/converted/claude-api/composable/mini/18-agent-design.md +101 -0
- package/assets/skills/converted/claude-api/composable/mini/19-anthropic-cli.md +246 -0
- package/assets/skills/converted/claude-api/composable/mini/20-model-migration.md +1301 -0
- package/assets/skills/converted/claude-api/composable/mini/30-managed-agents-overview.md +71 -0
- package/assets/skills/converted/claude-api/composable/mini/31-managed-agents-core.md +278 -0
- package/assets/skills/converted/claude-api/composable/mini/32-managed-agents-environments.md +219 -0
- package/assets/skills/converted/claude-api/composable/mini/33-managed-agents-tools.md +366 -0
- package/assets/skills/converted/claude-api/composable/mini/34-managed-agents-events.md +252 -0
- package/assets/skills/converted/claude-api/composable/mini/35-managed-agents-outcomes.md +106 -0
- package/assets/skills/converted/claude-api/composable/mini/36-managed-agents-multiagent.md +101 -0
- package/assets/skills/converted/claude-api/composable/mini/37-managed-agents-webhooks.md +123 -0
- package/assets/skills/converted/claude-api/composable/mini/38-managed-agents-memory.md +197 -0
- package/assets/skills/converted/claude-api/composable/mini/39-managed-agents-scheduled-deployments.md +146 -0
- package/assets/skills/converted/claude-api/composable/mini/40-managed-agents-client-patterns.md +211 -0
- package/assets/skills/converted/claude-api/composable/mini/41-managed-agents-onboarding.md +82 -0
- package/assets/skills/converted/claude-api/composable/mini/42-managed-agents-api-reference.md +441 -0
- package/assets/skills/converted/claude-api/composable/mini/43-managed-agents-self-hosted-sandboxes.md +174 -0
- package/assets/skills/converted/claude-api/composable/mini/50-python-readme.md +564 -0
- package/assets/skills/converted/claude-api/composable/mini/51-python-tool-use.md +590 -0
- package/assets/skills/converted/claude-api/composable/mini/52-python-streaming-batches-files.md +549 -0
- package/assets/skills/converted/claude-api/composable/mini/53-python-managed-agents.md +335 -0
- package/assets/skills/converted/claude-api/composable/mini/55-typescript-readme.md +404 -0
- package/assets/skills/converted/claude-api/composable/mini/56-typescript-tool-use.md +548 -0
- package/assets/skills/converted/claude-api/composable/mini/57-typescript-streaming-batches-files.md +384 -0
- package/assets/skills/converted/claude-api/composable/mini/58-typescript-managed-agents.md +358 -0
- package/assets/skills/converted/claude-api/composable/mini/60-csharp-readme.md +361 -0
- package/assets/skills/converted/claude-api/composable/mini/61-csharp-tool-use.md +163 -0
- package/assets/skills/converted/claude-api/composable/mini/62-csharp-streaming-batches-files.md +64 -0
- package/assets/skills/converted/claude-api/composable/mini/65-go-readme.md +185 -0
- package/assets/skills/converted/claude-api/composable/mini/66-go-tool-use.md +219 -0
- package/assets/skills/converted/claude-api/composable/mini/67-go-streaming-files.md +63 -0
- package/assets/skills/converted/claude-api/composable/mini/68-go-managed-agents.md +564 -0
- package/assets/skills/converted/claude-api/composable/mini/70-java-readme.md +237 -0
- package/assets/skills/converted/claude-api/composable/mini/71-java-tool-use.md +227 -0
- package/assets/skills/converted/claude-api/composable/mini/72-java-streaming-files.md +49 -0
- package/assets/skills/converted/claude-api/composable/mini/73-java-managed-agents.md +443 -0
- package/assets/skills/converted/claude-api/composable/mini/75-php-readme.md +173 -0
- package/assets/skills/converted/claude-api/composable/mini/76-php-tool-use.md +252 -0
- package/assets/skills/converted/claude-api/composable/mini/77-php-streaming-batches-files.md +53 -0
- package/assets/skills/converted/claude-api/composable/mini/78-php-managed-agents.md +443 -0
- package/assets/skills/converted/claude-api/composable/mini/80-ruby-readme.md +133 -0
- package/assets/skills/converted/claude-api/composable/mini/81-ruby-tool-use-streaming.md +56 -0
- package/assets/skills/converted/claude-api/composable/mini/82-ruby-managed-agents.md +394 -0
- package/assets/skills/converted/claude-api/composable/mini/85-curl-examples.md +255 -0
- package/assets/skills/converted/claude-api/composable/mini/86-curl-managed-agents.md +340 -0
- package/assets/skills/converted/claude-api/composable/presets/csharp.md +1151 -0
- package/assets/skills/converted/claude-api/composable/presets/curl.md +1154 -0
- package/assets/skills/converted/claude-api/composable/presets/go.md +1598 -0
- package/assets/skills/converted/claude-api/composable/presets/java.md +1523 -0
- package/assets/skills/converted/claude-api/composable/presets/php.md +1488 -0
- package/assets/skills/converted/claude-api/composable/presets/python.md +2605 -0
- package/assets/skills/converted/claude-api/composable/presets/ruby.md +1146 -0
- package/assets/skills/converted/claude-api/composable/presets/shared.md +6478 -0
- package/assets/skills/converted/claude-api/composable/presets/typescript.md +2261 -0
- package/assets/skills/converted/docx/composable/BUNDLE.md +617 -0
- package/assets/skills/converted/docx/composable/INDEX.md +12 -0
- package/assets/skills/converted/docx/composable/VERSION +1 -0
- package/assets/skills/converted/docx/composable/mini/00-core.md +26 -0
- package/assets/skills/converted/docx/composable/mini/01-reading-converting.md +36 -0
- package/assets/skills/converted/docx/composable/mini/02-creating-setup-layout.md +85 -0
- package/assets/skills/converted/docx/composable/mini/03-creating-elements.md +257 -0
- package/assets/skills/converted/docx/composable/mini/04-editing-existing.md +57 -0
- package/assets/skills/converted/docx/composable/mini/05-xml-reference.md +128 -0
- package/assets/skills/converted/internal-comms/composable/BUNDLE.md +220 -0
- package/assets/skills/converted/internal-comms/composable/INDEX.md +11 -0
- package/assets/skills/converted/internal-comms/composable/VERSION +1 -0
- package/assets/skills/converted/internal-comms/composable/mini/00-core.md +30 -0
- package/assets/skills/converted/internal-comms/composable/mini/01-3p-updates.md +49 -0
- package/assets/skills/converted/internal-comms/composable/mini/02-company-newsletter.md +67 -0
- package/assets/skills/converted/internal-comms/composable/mini/03-faq-answers.md +32 -0
- package/assets/skills/converted/internal-comms/composable/mini/04-general-comms.md +18 -0
- package/assets/skills/converted/mcp-builder/composable/BUNDLE.md +2460 -0
- package/assets/skills/converted/mcp-builder/composable/INDEX.md +23 -0
- package/assets/skills/converted/mcp-builder/composable/VERSION +1 -0
- package/assets/skills/converted/mcp-builder/composable/mini/00-core.md +43 -0
- package/assets/skills/converted/mcp-builder/composable/mini/01-workflow-research-planning.md +54 -0
- package/assets/skills/converted/mcp-builder/composable/mini/02-implementation-process.md +78 -0
- package/assets/skills/converted/mcp-builder/composable/mini/03-naming-conventions.md +33 -0
- package/assets/skills/converted/mcp-builder/composable/mini/04-response-formats.md +21 -0
- package/assets/skills/converted/mcp-builder/composable/mini/05-pagination.md +24 -0
- package/assets/skills/converted/mcp-builder/composable/mini/06-transport.md +47 -0
- package/assets/skills/converted/mcp-builder/composable/mini/07-annotations.md +20 -0
- package/assets/skills/converted/mcp-builder/composable/mini/08-security.md +35 -0
- package/assets/skills/converted/mcp-builder/composable/mini/09-error-handling.md +32 -0
- package/assets/skills/converted/mcp-builder/composable/mini/10-testing-and-documentation.md +21 -0
- package/assets/skills/converted/mcp-builder/composable/mini/11-python-implementation.md +432 -0
- package/assets/skills/converted/mcp-builder/composable/mini/12-python-advanced-and-checklist.md +233 -0
- package/assets/skills/converted/mcp-builder/composable/mini/13-node-implementation.md +717 -0
- package/assets/skills/converted/mcp-builder/composable/mini/14-node-advanced-and-checklist.md +200 -0
- package/assets/skills/converted/mcp-builder/composable/mini/15-evaluation-design.md +200 -0
- package/assets/skills/converted/mcp-builder/composable/mini/16-evaluation-running.md +198 -0
- package/assets/skills/converted/mcp-builder/composable/presets/node-server.md +1381 -0
- package/assets/skills/converted/mcp-builder/composable/presets/python-server.md +1129 -0
- package/assets/skills/converted/pdf/composable/BUNDLE.md +1284 -0
- package/assets/skills/converted/pdf/composable/INDEX.md +14 -0
- package/assets/skills/converted/pdf/composable/VERSION +1 -0
- package/assets/skills/converted/pdf/composable/mini/00-core.md +46 -0
- package/assets/skills/converted/pdf/composable/mini/01-creation.md +176 -0
- package/assets/skills/converted/pdf/composable/mini/02-extraction.md +178 -0
- package/assets/skills/converted/pdf/composable/mini/03-merge-split-manipulate.md +240 -0
- package/assets/skills/converted/pdf/composable/mini/04-images-ocr.md +168 -0
- package/assets/skills/converted/pdf/composable/mini/05-encryption.md +51 -0
- package/assets/skills/converted/pdf/composable/mini/06-forms.md +300 -0
- package/assets/skills/converted/pdf/composable/mini/07-libraries-reference.md +89 -0
- package/assets/skills/converted/pptx/composable/BUNDLE.md +911 -0
- package/assets/skills/converted/pptx/composable/INDEX.md +12 -0
- package/assets/skills/converted/pptx/composable/VERSION +1 -0
- package/assets/skills/converted/pptx/composable/mini/00-core.md +37 -0
- package/assets/skills/converted/pptx/composable/mini/01-reading.md +37 -0
- package/assets/skills/converted/pptx/composable/mini/02-creating-from-scratch.md +422 -0
- package/assets/skills/converted/pptx/composable/mini/03-editing-templates.md +207 -0
- package/assets/skills/converted/pptx/composable/mini/04-design.md +89 -0
- package/assets/skills/converted/pptx/composable/mini/05-qa-and-rendering.md +91 -0
- package/assets/skills/converted/pptx/composable/presets/creating.md +659 -0
- package/assets/skills/converted/pptx/composable/presets/editing.md +485 -0
- package/assets/skills/converted/skill-creator/composable/BUNDLE.md +1681 -0
- package/assets/skills/converted/skill-creator/composable/INDEX.md +21 -0
- package/assets/skills/converted/skill-creator/composable/VERSION +1 -0
- package/assets/skills/converted/skill-creator/composable/mini/00-core.md +59 -0
- package/assets/skills/converted/skill-creator/composable/mini/01-creating-a-skill.md +27 -0
- package/assets/skills/converted/skill-creator/composable/mini/02-skill-writing-guide.md +71 -0
- package/assets/skills/converted/skill-creator/composable/mini/03-test-cases.md +21 -0
- package/assets/skills/converted/skill-creator/composable/mini/04-running-and-evaluating.md +128 -0
- package/assets/skills/converted/skill-creator/composable/mini/05-improving-the-skill.md +30 -0
- package/assets/skills/converted/skill-creator/composable/mini/06-blind-comparison.md +5 -0
- package/assets/skills/converted/skill-creator/composable/mini/07-description-optimization.md +74 -0
- package/assets/skills/converted/skill-creator/composable/mini/08-packaging.md +11 -0
- package/assets/skills/converted/skill-creator/composable/mini/09-environment-specific.md +38 -0
- package/assets/skills/converted/skill-creator/composable/mini/10-scripts-and-references.md +34 -0
- package/assets/skills/converted/skill-creator/composable/mini/11-json-schemas.md +414 -0
- package/assets/skills/converted/skill-creator/composable/mini/12-agent-grader.md +225 -0
- package/assets/skills/converted/skill-creator/composable/mini/13-agent-comparator.md +204 -0
- package/assets/skills/converted/skill-creator/composable/mini/14-agent-analyzer.md +276 -0
- package/assets/skills/converted/skill-creator/composable/presets/authoring.md +198 -0
- package/assets/skills/converted/skill-creator/composable/presets/evaluating.md +1334 -0
- package/assets/skills/converted/skill-creator/composable/presets/optimizing.md +160 -0
- package/assets/skills/converted/skill-creator/composable/presets.json +5 -0
- package/assets/skills/meta/ccs-skill-creator/composable/BUNDLE.md +465 -0
- package/assets/skills/meta/ccs-skill-creator/composable/INDEX.md +8 -0
- package/assets/skills/meta/ccs-skill-creator/composable/VERSION +1 -0
- package/assets/skills/meta/ccs-skill-creator/composable/mini/00-core.md +46 -0
- package/assets/skills/meta/ccs-skill-creator/composable/mini/01-create-new-skill.md +167 -0
- package/assets/skills/meta/ccs-skill-creator/composable/mini/02-convert-existing-skill.md +120 -0
- package/assets/skills/meta/ccs-skill-creator/composable/mini/03-review-and-maintain.md +112 -0
- package/assets/skills/sources/anthropic/PROVENANCE.md +3 -0
- package/assets/skills/sources/anthropic/claude-api/LICENSE.txt +202 -0
- package/assets/skills/sources/anthropic/docx/LICENSE.txt +30 -0
- package/assets/skills/sources/anthropic/internal-comms/LICENSE.txt +202 -0
- package/assets/skills/sources/anthropic/mcp-builder/LICENSE.txt +202 -0
- package/assets/skills/sources/anthropic/pdf/LICENSE.txt +30 -0
- package/assets/skills/sources/anthropic/pptx/LICENSE.txt +30 -0
- package/assets/skills/sources/anthropic/skill-creator/LICENSE.txt +202 -0
- package/assets/skills/sources/financial-analyst/PROVENANCE.md +1 -0
- package/assets/tools/hive.py +728 -0
- package/dist/cli.js +7494 -0
- package/package.json +40 -0
|
@@ -0,0 +1,366 @@
|
|
|
1
|
+
# Managed Agents — Tools & Skills
|
|
2
|
+
|
|
3
|
+
## Tools
|
|
4
|
+
|
|
5
|
+
### Server tools vs client tools
|
|
6
|
+
|
|
7
|
+
| Type | Who runs it | How it works |
|
|
8
|
+
|---|---|---|
|
|
9
|
+
| **Prebuilt Claude Agent tools** (`agent_toolset_20260401`) | Anthropic, on the session's container (for `cloud` envs; for `self_hosted`, **your** worker supplies and runs them — see `shared/managed-agents-self-hosted-sandboxes.md`) | File ops, bash, web search, etc. Enable all at once or configure individually with `enabled: true/false`. |
|
|
10
|
+
| **MCP tools** (`mcp_toolset`) | Anthropic's orchestration layer | Capabilities exposed by connected MCP servers. Grant access per-server via the toolset. |
|
|
11
|
+
| **Custom tools** | **You** — your application handles the call and returns results | Agent emits a `agent.custom_tool_use` event, session goes `idle`, you send back a `user.custom_tool_result` event. |
|
|
12
|
+
|
|
13
|
+
**Recommendation:** Enable all prebuilt tools via `agent_toolset_20260401`, then disable individually as needed.
|
|
14
|
+
|
|
15
|
+
**Versioning:** The toolset is a versioned, static resource. When underlying tools change, a new toolset version is created (hence `_20260401`) so you always know exactly what you're getting.
|
|
16
|
+
|
|
17
|
+
### Agent Toolset
|
|
18
|
+
|
|
19
|
+
The `agent_toolset_20260401` provides these built-in tools:
|
|
20
|
+
|
|
21
|
+
| Tool | Description |
|
|
22
|
+
| ---------------------- | ---------------------------------------- |
|
|
23
|
+
| `bash` | Execute bash commands in a shell session |
|
|
24
|
+
| `read` | Read a file from the local filesystem, including text, images, PDFs, and Jupyter notebooks |
|
|
25
|
+
| `write` | Write a file to the local filesystem |
|
|
26
|
+
| `edit` | Perform string replacement in a file |
|
|
27
|
+
| `glob` | Fast file pattern matching using glob patterns |
|
|
28
|
+
| `grep` | Text search using regex patterns |
|
|
29
|
+
| `web_fetch` | Fetch content from a URL |
|
|
30
|
+
| `web_search` | Search the web for information |
|
|
31
|
+
|
|
32
|
+
Enable the full toolset:
|
|
33
|
+
|
|
34
|
+
```json
|
|
35
|
+
{
|
|
36
|
+
"tools": [
|
|
37
|
+
{ "type": "agent_toolset_20260401" }
|
|
38
|
+
]
|
|
39
|
+
}
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
### Per-Tool Configuration
|
|
43
|
+
|
|
44
|
+
Override defaults for individual tools. This example enables everything except bash:
|
|
45
|
+
|
|
46
|
+
```json
|
|
47
|
+
{
|
|
48
|
+
"tools": [
|
|
49
|
+
{
|
|
50
|
+
"type": "agent_toolset_20260401",
|
|
51
|
+
"default_config": { "enabled": true },
|
|
52
|
+
"configs": [
|
|
53
|
+
{ "name": "bash", "enabled": false }
|
|
54
|
+
]
|
|
55
|
+
}
|
|
56
|
+
]
|
|
57
|
+
}
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
| Field | Required | Description |
|
|
61
|
+
|---|---|---|
|
|
62
|
+
| `type` | ✅ | `"agent_toolset_20260401"` |
|
|
63
|
+
| `default_config` | ❌ | Applied to all tools. `{ "enabled": bool, "permission_policy": {...} }` |
|
|
64
|
+
| `configs` | ❌ | Per-tool overrides: `[{ "name": "...", "enabled": bool, "permission_policy": {...} }]` |
|
|
65
|
+
|
|
66
|
+
### Permission Policies
|
|
67
|
+
|
|
68
|
+
Control when server-executed tools (agent toolset + MCP) run automatically vs wait for approval. Does not apply to custom tools.
|
|
69
|
+
|
|
70
|
+
| Policy | Behavior |
|
|
71
|
+
|---|---|
|
|
72
|
+
| `always_allow` | Tool executes automatically (default) |
|
|
73
|
+
| `always_ask` | Session emits `session.status_idle` and pauses until you send a `tool_confirmation` event |
|
|
74
|
+
|
|
75
|
+
```json
|
|
76
|
+
{
|
|
77
|
+
"type": "agent_toolset_20260401",
|
|
78
|
+
"default_config": {
|
|
79
|
+
"enabled": true,
|
|
80
|
+
"permission_policy": { "type": "always_allow" }
|
|
81
|
+
},
|
|
82
|
+
"configs": [
|
|
83
|
+
{ "name": "bash", "permission_policy": { "type": "always_ask" } }
|
|
84
|
+
]
|
|
85
|
+
}
|
|
86
|
+
```
|
|
87
|
+
|
|
88
|
+
**Responding to `always_ask`:** Send a `user.tool_confirmation` event with `tool_use_id` from the triggering `agent_tool_use`/`mcp_tool_use` event:
|
|
89
|
+
|
|
90
|
+
```json
|
|
91
|
+
{ "type": "tool_confirmation", "tool_use_id": "sevt_abc123", "result": "allow" }
|
|
92
|
+
{ "type": "tool_confirmation", "tool_use_id": "sevt_def456", "result": "deny", "message": "Read .env.example instead" }
|
|
93
|
+
```
|
|
94
|
+
|
|
95
|
+
The optional `message` on a deny is delivered to the agent so it can adjust its approach.
|
|
96
|
+
|
|
97
|
+
To enable only specific tools, flip the default off and opt-in per tool:
|
|
98
|
+
|
|
99
|
+
```json
|
|
100
|
+
{
|
|
101
|
+
"tools": [
|
|
102
|
+
{
|
|
103
|
+
"type": "agent_toolset_20260401",
|
|
104
|
+
"default_config": { "enabled": false },
|
|
105
|
+
"configs": [
|
|
106
|
+
{ "name": "bash", "enabled": true },
|
|
107
|
+
{ "name": "read", "enabled": true }
|
|
108
|
+
]
|
|
109
|
+
}
|
|
110
|
+
]
|
|
111
|
+
}
|
|
112
|
+
```
|
|
113
|
+
|
|
114
|
+
### Custom Tools (Client-Side)
|
|
115
|
+
|
|
116
|
+
Custom tools are executed by **your application**, not Anthropic. The flow:
|
|
117
|
+
|
|
118
|
+
1. Agent decides to use the tool → session emits a `agent.custom_tool_use` event with inputs
|
|
119
|
+
2. Session goes `idle` waiting for you
|
|
120
|
+
3. Your application executes the tool
|
|
121
|
+
4. You send back a `user.custom_tool_result` event with the output
|
|
122
|
+
5. Session resumes `running`
|
|
123
|
+
|
|
124
|
+
No permission policy needed — you're the one executing.
|
|
125
|
+
|
|
126
|
+
```json
|
|
127
|
+
{
|
|
128
|
+
"tools": [
|
|
129
|
+
{
|
|
130
|
+
"type": "custom",
|
|
131
|
+
"name": "get_weather",
|
|
132
|
+
"description": "Fetch current weather for a city.",
|
|
133
|
+
"input_schema": {
|
|
134
|
+
"type": "object",
|
|
135
|
+
"properties": {
|
|
136
|
+
"city": { "type": "string", "description": "City name" }
|
|
137
|
+
},
|
|
138
|
+
"required": ["city"]
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
]
|
|
142
|
+
}
|
|
143
|
+
```
|
|
144
|
+
|
|
145
|
+
### MCP Servers
|
|
146
|
+
|
|
147
|
+
MCP (Model Context Protocol) servers expose standardized third-party capabilities (e.g. Asana, GitHub, Linear). **Configuration is split across agent and vault:**
|
|
148
|
+
|
|
149
|
+
1. **Agent creation** declares which servers to connect to (`type`, `name`, `url` — no auth). The agent's `mcp_servers` array has no auth field.
|
|
150
|
+
2. **Vault** stores the OAuth credentials. Attach via `vault_ids` on session create.
|
|
151
|
+
|
|
152
|
+
This keeps secrets out of reusable agent definitions. Each vault credential is tied to one MCP server URL; Anthropic matches credentials to servers by URL.
|
|
153
|
+
|
|
154
|
+
**Agent side — declare servers (no auth):**
|
|
155
|
+
|
|
156
|
+
| Field | Required | Description |
|
|
157
|
+
|---|---|---|
|
|
158
|
+
| `type` | ✅ | `"url"` |
|
|
159
|
+
| `name` | ✅ | Unique name — referenced by `mcp_toolset.mcp_server_name` |
|
|
160
|
+
| `url` | ✅ | The MCP server's endpoint URL (Streamable HTTP transport) |
|
|
161
|
+
|
|
162
|
+
```json
|
|
163
|
+
{
|
|
164
|
+
"mcp_servers": [
|
|
165
|
+
{ "type": "url", "name": "linear", "url": "https://mcp.linear.app/mcp" }
|
|
166
|
+
],
|
|
167
|
+
"tools": [
|
|
168
|
+
{ "type": "mcp_toolset", "mcp_server_name": "linear" }
|
|
169
|
+
]
|
|
170
|
+
}
|
|
171
|
+
```
|
|
172
|
+
|
|
173
|
+
**Session side — attach vault:**
|
|
174
|
+
|
|
175
|
+
```json
|
|
176
|
+
{
|
|
177
|
+
"agent": "agent_abc123",
|
|
178
|
+
"environment_id": "env_abc123",
|
|
179
|
+
"vault_ids": ["vlt_abc123"]
|
|
180
|
+
}
|
|
181
|
+
```
|
|
182
|
+
|
|
183
|
+
> 💡 **Per-tool enablement (empirical):** `mcp_toolset` has been observed accepting `default_config: {enabled: false}` + `configs: [{name, enabled: true}]` for an allowlist pattern. The API ref shows only the minimal `{type, mcp_server_name}` form.
|
|
184
|
+
|
|
185
|
+
> 💡 **Changing tools/MCP servers on a running session:** `sessions.update()` can replace `agent.tools`, `agent.mcp_servers`, and `vault_ids` while the session is `idle` — a session-local override that doesn't touch the agent object. See `shared/managed-agents-core.md` → Updating the agent configuration mid-session.
|
|
186
|
+
|
|
187
|
+
**Large MCP tool outputs.** If an MCP tool returns more than **100K tokens**, the output is automatically offloaded to a file in the sandbox — the agent receives a truncated preview plus the file path and can `read` the full content. No configuration required.
|
|
188
|
+
|
|
189
|
+
**Invalid vault credentials don't block session creation.** If a vault credential is invalid for a declared MCP server, the session still creates successfully; a `session.error` event describes the MCP auth failure, and auth retries on the next `session.status_idle` → `session.status_running` transition.
|
|
190
|
+
|
|
191
|
+
> ⚠️ **MCP auth tokens ≠ REST API tokens.** Hosted MCP servers (`mcp.notion.com`, `mcp.linear.app`, etc.) typically require **OAuth bearer tokens**, not the service's native API keys. A Notion `ntn_` integration token authenticates against Notion's REST API but will **not** work as a vault credential for the Notion MCP server. These are different auth systems.
|
|
192
|
+
|
|
193
|
+
### Vaults — the credential store
|
|
194
|
+
|
|
195
|
+
**Vaults** store credentials that Anthropic manages on your behalf. Two credential categories:
|
|
196
|
+
|
|
197
|
+
- **MCP credentials** (`mcp_oauth`, `static_bearer`) — keyed by `mcp_server_url`. When the agent connects to a server at that URL, the token is injected automatically. `mcp_oauth` tokens are auto-refreshed via the standard OAuth 2.0 `refresh_token` grant. This is the only way to authenticate MCP servers.
|
|
198
|
+
- **Environment variables** (`environment_variable`) — keyed by `secret_name` (the env var name). The sandbox sees only an **opaque placeholder**; the real secret is substituted into the outbound request **at egress**. Use this for any service that authenticates through an environment variable: CLIs (`aws`, `gcloud`, `stripe`), SDKs, or direct `curl` calls from the `bash` tool.
|
|
199
|
+
|
|
200
|
+
Secret fields you supply (`token`, `access_token`, `refresh_token`, `client_secret`, `secret_value`) are write-only — never returned in API responses.
|
|
201
|
+
|
|
202
|
+
#### Credentials and the sandbox
|
|
203
|
+
|
|
204
|
+
Vaults store credentials; those credentials **never enter the sandbox**. This is a deliberate security boundary — code running in the sandbox (including anything the agent writes) cannot read or exfiltrate a vaulted credential, even under prompt injection. Instead, credentials are injected by Anthropic-side proxies **after** a request leaves the sandbox:
|
|
205
|
+
|
|
206
|
+
- **MCP tool calls** are routed through an Anthropic-side proxy that fetches the credential from the vault and adds it to the outbound request.
|
|
207
|
+
- **Git operations on attached GitHub repositories** (`git pull`, `git push`, GitHub REST calls) are routed through a git proxy that injects the `github_repository` resource's `authorization_token` the same way.
|
|
208
|
+
- **Environment-variable credentials** appear in the sandbox as an opaque placeholder; the real value replaces the placeholder at egress, on requests to the credential's allowed hosts only.
|
|
209
|
+
|
|
210
|
+
**When vault credentials don't fit** (e.g. self-hosted sandboxes — `environment_variable` is not yet supported there), **register a custom tool:** the agent emits `agent.custom_tool_use`, your orchestrator (which already holds the credential) executes the call and returns `user.custom_tool_result` over the same authenticated event stream. No public endpoint is exposed; the sandbox never sees the secret. See `shared/managed-agents-client-patterns.md` → Pattern 9.
|
|
211
|
+
|
|
212
|
+
**Do not put API keys in the system prompt or user messages as a workaround** — they persist in the session's event history.
|
|
213
|
+
|
|
214
|
+
> Formerly known internally as TATs (Tool/Tenant Access Tokens).
|
|
215
|
+
|
|
216
|
+
**Flow:**
|
|
217
|
+
|
|
218
|
+
1. Create a vault (`client.beta.vaults.create(...)`) — one per tenant/user, or one shared, depending on your model
|
|
219
|
+
2. Add credentials to it (`client.beta.vaults.credentials.create(...)`) — MCP credentials are keyed by MCP server URL; environment-variable credentials by `secret_name`
|
|
220
|
+
3. Reference the vault on session create via `vault_ids: ["vlt_..."]`
|
|
221
|
+
4. Anthropic auto-refreshes OAuth tokens before they expire and substitutes secrets at runtime
|
|
222
|
+
|
|
223
|
+
**MCP OAuth credential shape**:
|
|
224
|
+
|
|
225
|
+
```json
|
|
226
|
+
{
|
|
227
|
+
"display_name": "Notion (workspace-foo)",
|
|
228
|
+
"auth": {
|
|
229
|
+
"type": "mcp_oauth",
|
|
230
|
+
"mcp_server_url": "https://mcp.notion.com/mcp",
|
|
231
|
+
"access_token": "<current access token>",
|
|
232
|
+
"expires_at": "2026-04-02T14:00:00Z",
|
|
233
|
+
"refresh": {
|
|
234
|
+
"refresh_token": "<refresh token>",
|
|
235
|
+
"client_id": "<your OAuth client_id>",
|
|
236
|
+
"token_endpoint": "https://api.notion.com/v1/oauth/token",
|
|
237
|
+
"token_endpoint_auth": { "type": "none" }
|
|
238
|
+
}
|
|
239
|
+
}
|
|
240
|
+
}
|
|
241
|
+
```
|
|
242
|
+
|
|
243
|
+
The `refresh` block is what enables auto-refresh — `token_endpoint` is where Anthropic posts the `refresh_token` grant. `token_endpoint_auth` is a discriminated union:
|
|
244
|
+
|
|
245
|
+
| `type` | Shape | Use when |
|
|
246
|
+
|---|---|---|
|
|
247
|
+
| `"none"` | `{type: "none"}` | Public OAuth client (no secret) |
|
|
248
|
+
| `"client_secret_basic"` | `{type: "client_secret_basic", client_secret: "..."}` | Confidential client, secret via HTTP Basic auth |
|
|
249
|
+
| `"client_secret_post"` | `{type: "client_secret_post", client_secret: "..."}` | Confidential client, secret in request body |
|
|
250
|
+
|
|
251
|
+
Omit `refresh` entirely if you only have an access token with no refresh capability — it'll work until it expires, then the agent loses access.
|
|
252
|
+
|
|
253
|
+
> 💡 **Getting an OAuth token.** How you obtain the initial access and refresh tokens depends on the MCP server — consult its documentation. Once you have them, store them in a vault credential using the shape above; Anthropic auto-refreshes via the `refresh.token_endpoint` from there.
|
|
254
|
+
|
|
255
|
+
**Environment-variable credential shape**:
|
|
256
|
+
|
|
257
|
+
```json
|
|
258
|
+
{
|
|
259
|
+
"display_name": "Twilio API key for sandbox",
|
|
260
|
+
"auth": {
|
|
261
|
+
"type": "environment_variable",
|
|
262
|
+
"secret_name": "TWILIO_API_KEY",
|
|
263
|
+
"secret_value": "sk-your-secret-here",
|
|
264
|
+
"networking": {
|
|
265
|
+
"type": "limited",
|
|
266
|
+
"allowed_hosts": ["api.twilio.com", "*.twilio.com"]
|
|
267
|
+
}
|
|
268
|
+
}
|
|
269
|
+
}
|
|
270
|
+
```
|
|
271
|
+
|
|
272
|
+
`networking.allowed_hosts` controls which outbound hosts the secret can be substituted for — `{"type": "limited", "allowed_hosts": [...]}` or `{"type": "unrestricted"}` if you can't enumerate the domains in advance. Limiting is strongly recommended: it prevents the key from ever being sent to unauthorized hosts.
|
|
273
|
+
|
|
274
|
+
**`injection_location`** (optional, sibling of `networking`) controls **where** in the outbound request the secret is substituted — `{header: bool, body: bool}`. The two are independent: `allowed_hosts` scopes *which hosts* a substituted request can target; `injection_location` scopes *which parts of the request* the secret is substituted into across all of those hosts. Most services read an API key from a request header, so `{"header": true}` is the narrower configuration — request bodies are often assembled from content the agent is working with, making the body the broader exposure surface. A placeholder in a disabled location is **neither substituted nor stripped** — the literal opaque placeholder string is sent to the third party in that location.
|
|
275
|
+
|
|
276
|
+
| Operation | `injection_location` semantics |
|
|
277
|
+
|---|---|
|
|
278
|
+
| Create credential | Omit the field entirely → both locations enabled. Provide the object → any field you omit defaults to `false` (`{"header": true}` creates a header-only credential). |
|
|
279
|
+
| Update credential | Fields **merge individually** — `{"body": false}` disables body substitution and leaves `header` unchanged. For a running session, the update takes effect on the session's next operation. |
|
|
280
|
+
|
|
281
|
+
A credential must have at least one location enabled; a create or update that would disable both returns 400, as does explicit `null` for the object or either field (omit instead). The response always returns both fields with their resolved values.
|
|
282
|
+
|
|
283
|
+
> ⚠️ **Two networking layers, both required.** `networking.allowed_hosts` on the credential controls which requests *use the secret*, not which requests are *allowed*. The agent must also be able to reach the domain at the **environment level** (`unrestricted`, or the host listed in the environment's `allowed_hosts` — see `shared/managed-agents-environments.md`). A domain missing from either layer means the secret-substituted request fails.
|
|
284
|
+
|
|
285
|
+
> ⚠️ **Client-side validation caveat.** Substitution happens at egress, not inside the sandbox — clients that validate the credential *format* locally before making a network request (e.g. a CLI that checks the key starts with `sk-`) will see the opaque placeholder and may fail at startup. If a client rejects the credential before any network call, that's why.
|
|
286
|
+
|
|
287
|
+
> 💡 **Scope the key minimally.** The agent can do anything the key allows; a key with broader permissions than the task needs increases the blast radius if the agent behaves unexpectedly.
|
|
288
|
+
|
|
289
|
+
**Not supported with self-hosted sandboxes** — `environment_variable` credentials require Anthropic-managed egress. See `shared/managed-agents-self-hosted-sandboxes.md`.
|
|
290
|
+
|
|
291
|
+
**Constraints (all credential types):**
|
|
292
|
+
|
|
293
|
+
- **Unique key per vault.** `mcp_server_url` (MCP credentials) and `secret_name` (environment-variable credentials) must be unique among active credentials in a vault; duplicates return a 409.
|
|
294
|
+
- **Keys are immutable.** Secret values, `display_name`, and (on environment-variable credentials) `injection_location` can be updated; to change `mcp_server_url`, `secret_name`, `token_endpoint`, or `client_id`, archive the credential and create a new one. Archiving purges the secret and frees the key for a replacement.
|
|
295
|
+
- **Maximum 20 credentials per vault.**
|
|
296
|
+
- Credentials are stored as provided and **not validated until session runtime** — an invalid credential surfaces as an authentication or downstream error during the session, which is emitted but does not block the session from continuing.
|
|
297
|
+
|
|
298
|
+
**Scoping:** Vaults are workspace-scoped. Anyone with developer+ role in the API workspace can create, read (metadata only — secrets are write-only), and attach vaults. `vault_ids` can be set at session **create** time but not via session update (the SDK docstring says "Not yet supported; requests setting this field are rejected").
|
|
299
|
+
|
|
300
|
+
---
|
|
301
|
+
|
|
302
|
+
## Skills
|
|
303
|
+
|
|
304
|
+
Skills are reusable, filesystem-based resources that provide your agent with domain-specific expertise: workflows, context, and best practices that transform general-purpose agents into specialists. Unlike prompts (conversation-level instructions for one-off tasks), skills load on-demand and eliminate the need to repeatedly provide the same guidance across multiple conversations.
|
|
305
|
+
|
|
306
|
+
Two types — both work the same way; the agent automatically uses them when relevant to the task at hand:
|
|
307
|
+
|
|
308
|
+
| Type | What it is |
|
|
309
|
+
|---|---|
|
|
310
|
+
| **Pre-built Anthropic skills** | Common document tasks (PowerPoint, Excel, Word, PDF). Reference by name (e.g. `xlsx`). |
|
|
311
|
+
| **Custom skills** | Skills you've created in your organization via the Skills API. Reference by `skill_id` + optional `version`. |
|
|
312
|
+
|
|
313
|
+
**Max 20 skills per agent.** Agent creation uses `managed-agents-2026-04-01`; the separate Skills API (for managing custom skill definitions) uses `skills-2025-10-02`.
|
|
314
|
+
|
|
315
|
+
### Enabling skills on a session
|
|
316
|
+
|
|
317
|
+
Skills are attached to the **agent** definition via `agents.create()`:
|
|
318
|
+
|
|
319
|
+
```ts
|
|
320
|
+
const agent = await client.beta.agents.create(
|
|
321
|
+
{
|
|
322
|
+
name: "Financial Agent",
|
|
323
|
+
model: "claude-opus-4-8",
|
|
324
|
+
system: "You are a financial analysis agent.",
|
|
325
|
+
skills: [
|
|
326
|
+
{ type: "anthropic", skill_id: "xlsx" },
|
|
327
|
+
{ type: "custom", skill_id: "skill_abc123", version: "latest" },
|
|
328
|
+
],
|
|
329
|
+
}
|
|
330
|
+
);
|
|
331
|
+
```
|
|
332
|
+
|
|
333
|
+
Python:
|
|
334
|
+
|
|
335
|
+
```python
|
|
336
|
+
agent = client.beta.agents.create(
|
|
337
|
+
name="Financial Agent",
|
|
338
|
+
model="claude-opus-4-8",
|
|
339
|
+
system="You are a financial analysis agent.",
|
|
340
|
+
skills=[
|
|
341
|
+
{"type": "anthropic", "skill_id": "xlsx"},
|
|
342
|
+
{"type": "custom", "skill_id": "skill_abc123", "version": "latest"},
|
|
343
|
+
]
|
|
344
|
+
)
|
|
345
|
+
```
|
|
346
|
+
|
|
347
|
+
**Skill reference fields:**
|
|
348
|
+
|
|
349
|
+
| Field | Anthropic skill | Custom skill |
|
|
350
|
+
|---|---|---|
|
|
351
|
+
| `type` | `"anthropic"` | `"custom"` |
|
|
352
|
+
| `skill_id` | Skill name (e.g. `"xlsx"`, `"docx"`, `"pptx"`, `"pdf"`) | Skill ID from Skills API (e.g. `"skill_abc123"`) |
|
|
353
|
+
| `version` | — | `"latest"` or a specific version number |
|
|
354
|
+
|
|
355
|
+
### Skills API
|
|
356
|
+
|
|
357
|
+
| Operation | Method | Path |
|
|
358
|
+
| --------------------- | -------- | ----------------------------------------------- |
|
|
359
|
+
| Create Skill | `POST` | `/v1/skills` |
|
|
360
|
+
| List Skills | `GET` | `/v1/skills` |
|
|
361
|
+
| Get Skill | `GET` | `/v1/skills/{id}` |
|
|
362
|
+
| Delete Skill | `DELETE` | `/v1/skills/{id}` |
|
|
363
|
+
| Create Version | `POST` | `/v1/skills/{id}/versions` |
|
|
364
|
+
| List Versions | `GET` | `/v1/skills/{id}/versions` |
|
|
365
|
+
| Get Version | `GET` | `/v1/skills/{id}/versions/{version}` |
|
|
366
|
+
| Delete Version | `DELETE` | `/v1/skills/{id}/versions/{version}` |
|
|
@@ -0,0 +1,252 @@
|
|
|
1
|
+
# Managed Agents — Events & Steering
|
|
2
|
+
|
|
3
|
+
## Events
|
|
4
|
+
|
|
5
|
+
### Sending Events
|
|
6
|
+
|
|
7
|
+
Send events to a session via `POST /v1/sessions/{id}/events`.
|
|
8
|
+
|
|
9
|
+
| Event Type | When to Send |
|
|
10
|
+
| ------------------------- | --------------------------------------------------- |
|
|
11
|
+
| `user.message` | Send a user message |
|
|
12
|
+
| `user.interrupt` | Interrupt the agent while it's running |
|
|
13
|
+
| `user.tool_confirmation` | Approve/deny a tool call (when `always_ask` policy) |
|
|
14
|
+
| `user.custom_tool_result` | Provide result for a custom tool call |
|
|
15
|
+
| `user.define_outcome` | Start a rubric-graded iterate loop — see `shared/managed-agents-outcomes.md` |
|
|
16
|
+
| `system.message` | Update the agent's system prompt between turns — **Claude Opus 4.8 only**; see § Updating the system prompt mid-session |
|
|
17
|
+
|
|
18
|
+
#### Updating the system prompt mid-session (`system.message`)
|
|
19
|
+
|
|
20
|
+
Unlike the `system` field on the agent definition (fixed at session creation), a `system.message` event changes the system prompt **as the session progresses** — a different persona, revised constraints, or runtime-fetched context that should shape behavior going forward:
|
|
21
|
+
|
|
22
|
+
```python
|
|
23
|
+
client.beta.sessions.events.send(
|
|
24
|
+
session.id,
|
|
25
|
+
events=[
|
|
26
|
+
{
|
|
27
|
+
"type": "system.message",
|
|
28
|
+
"content": [
|
|
29
|
+
{"type": "text", "text": "The user's current timezone is America/New_York."},
|
|
30
|
+
],
|
|
31
|
+
},
|
|
32
|
+
],
|
|
33
|
+
)
|
|
34
|
+
```
|
|
35
|
+
|
|
36
|
+
Constraints:
|
|
37
|
+
|
|
38
|
+
- **Claude Opus 4.8 only.** If any model configured on the agent does not support mid-conversation system injection, the event is rejected with a `model_does_not_support_mid_conversation_system` validation error.
|
|
39
|
+
- **Cannot be sent while the session is idle with `stop_reason: requires_action`** (blocked on `user.custom_tool_result` / `user.tool_confirmation`).
|
|
40
|
+
- `content` accepts 1–1000 text items.
|
|
41
|
+
|
|
42
|
+
### Receiving Events
|
|
43
|
+
|
|
44
|
+
Three methods:
|
|
45
|
+
|
|
46
|
+
1. **Streaming (SSE)**: `GET /v1/sessions/{id}/events/stream` — real-time Server-Sent Events. **Long-lived** — the server sends periodic heartbeats to keep the connection alive.
|
|
47
|
+
2. **Polling**: `GET /v1/sessions/{id}/events` — paginated event list (query params: `limit` default 1000, `page`). **Returns immediately** — this is a plain paginated GET, not a long-poll.
|
|
48
|
+
3. **Webhooks**: Anthropic POSTs session state transitions to your HTTPS endpoint — thin payloads (IDs only), HMAC-signed, Console-registered. See `shared/managed-agents-webhooks.md`.
|
|
49
|
+
|
|
50
|
+
All **persisted** events carry `id`, `type`, and `processed_at` (ISO 8601; `null` if not yet processed by the agent). The stream-only `event_start` / `event_delta` preview events (see § Live previews) carry only the `id` of the event they preview.
|
|
51
|
+
|
|
52
|
+
> ⚠️ **Robust polling (raw HTTP).** If you bypass the SDK and roll your own poll loop, don't rely on `requests` or `httpx` timeouts as wall-clock caps — they're **per-chunk** read timeouts, reset every time a byte arrives. A trickling response (heartbeats, a wedged chunked-encoding body, a misbehaving proxy) can keep the call blocked indefinitely even with `timeout=(5, 60)` or `httpx.Timeout(120)`. Neither library has a "total wall-clock" timeout built in. For a hard deadline: track `time.monotonic()` at the loop level and break/cancel if a single request exceeds your budget (e.g. via a watchdog thread, or `asyncio.wait_for()` around async httpx). **Prefer the SDK** — `client.beta.sessions.events.stream()` and `client.beta.sessions.events.list()` handle timeout + retry sanely.
|
|
53
|
+
>
|
|
54
|
+
> If `GET /v1/sessions/{id}/events` (paginated) ever hangs after headers, you've likely hit `GET /v1/sessions/{id}/events` by mistake or a server-side stall — report it; don't treat it as a client-config problem.
|
|
55
|
+
|
|
56
|
+
### Event Types (Received)
|
|
57
|
+
|
|
58
|
+
Event types use dot notation, grouped by namespace:
|
|
59
|
+
|
|
60
|
+
| Event Type | Description |
|
|
61
|
+
| --- | --- |
|
|
62
|
+
| `agent.message` | Agent text output |
|
|
63
|
+
| `agent.thinking` | Extended thinking blocks |
|
|
64
|
+
| `agent.tool_use` | Agent used a built-in tool (`agent_toolset_20260401`) |
|
|
65
|
+
| `agent.tool_result` | Result from a built-in tool |
|
|
66
|
+
| `agent.mcp_tool_use` | Agent used an MCP tool |
|
|
67
|
+
| `agent.mcp_tool_result` | Result from an MCP tool |
|
|
68
|
+
| `agent.custom_tool_use` | Agent invoked a custom tool — session goes idle, you respond with `user.custom_tool_result` |
|
|
69
|
+
| `agent.thread_context_compacted` | Conversation context was compacted |
|
|
70
|
+
| `session.status_idle` | Agent has finished the current task, and is awaiting input. It's either waiting for input to continue working via a `user.message` or blocked awaiting a `user.custom_tool_result` or `user.tool_confirmation`. The `stop_reason` attached contains more information about why the Agent has stopped working. |
|
|
71
|
+
| `session.status_running` | Session has starting running, and the Agent is actively doing work. |
|
|
72
|
+
| `session.status_rescheduled` | Session is (re)scheduling after a retryable error has occurred, ready to be picked up by the orchestration system. |
|
|
73
|
+
| `session.status_terminated` | Session has terminated, entering an irreversible and unusable state. |
|
|
74
|
+
| `session.error` | Error occurred during processing |
|
|
75
|
+
| `span.model_request_start` | Model inference started |
|
|
76
|
+
| `span.model_request_end` | Model inference completed |
|
|
77
|
+
| `span.outcome_evaluation_start` / `_ongoing` / `_end` | Grader progress for outcome-oriented sessions — see `shared/managed-agents-outcomes.md` |
|
|
78
|
+
| `session.thread_created` | Subagent thread spawned (multiagent) — see `shared/managed-agents-multiagent.md` |
|
|
79
|
+
| `session.thread_status_running` / `_idle` / `_rescheduled` / `_terminated` | Subagent thread status transitions (multiagent). `_idle` carries `stop_reason`. |
|
|
80
|
+
| `agent.thread_message_sent` / `_received` | Cross-thread message, carries `to_session_thread_id` / `from_session_thread_id` (multiagent) |
|
|
81
|
+
|
|
82
|
+
The stream also echoes back user-sent events (`user.message`, `user.interrupt`, `user.tool_confirmation`, `user.custom_tool_result`, `user.define_outcome`).
|
|
83
|
+
|
|
84
|
+
Stream-only delta preview events (`event_start`, `event_delta`) are the one exception to the `{domain}.{action}` naming convention — see § Live previews below; they never appear in `GET /v1/sessions/{id}/events`.
|
|
85
|
+
|
|
86
|
+
---
|
|
87
|
+
|
|
88
|
+
## Live previews
|
|
89
|
+
|
|
90
|
+
By default, assistant text reaches the stream as buffered `agent.message` events — emitted only after the model request that produced them finishes. **Live previews** let you render that text incrementally while the model is still generating. The buffered `agent.message` is always the authoritative record; a client that ignores previews still receives a complete, correct stream. The wire format is **not** Messages-API streaming: the delta type is `content_delta`, not `content_block_delta`, so Messages-API accumulator code does not carry over unchanged.
|
|
91
|
+
|
|
92
|
+
**Opt in per stream connection** by adding the `event_deltas[]` query parameter to `GET /v1/sessions/{id}/events/stream`, repeated once per event type to preview. Accepted values: `agent.message`, `agent.thinking` (any other value → 400). Only the session-level stream supports it — per-thread streams (`/threads/{tid}/stream`) reject the parameter.
|
|
93
|
+
|
|
94
|
+
```python
|
|
95
|
+
stream = client.beta.sessions.events.stream(
|
|
96
|
+
session_id=session.id,
|
|
97
|
+
event_deltas=["agent.message"],
|
|
98
|
+
)
|
|
99
|
+
```
|
|
100
|
+
|
|
101
|
+
When a previewed event begins, the stream emits an `event_start` carrying the upcoming event's `type` and `id`; for `agent.message` it's followed by `event_delta` events carrying incremental text:
|
|
102
|
+
|
|
103
|
+
```json
|
|
104
|
+
{"type": "event_start", "event": {"type": "agent.message", "id": "sevt_01abc..."}}
|
|
105
|
+
{"type": "event_delta", "event_id": "sevt_01abc...", "delta": {"type": "content_delta", "index": 0, "content": {"type": "text", "text": "Here is the summary"}}}
|
|
106
|
+
```
|
|
107
|
+
|
|
108
|
+
`event_start` and `event_delta` have no `id` or `processed_at` of their own — the only identifier they carry is the `id` of the event they preview. For `agent.thinking`, **only** the `event_start` is emitted (a "thinking has started" signal) — no deltas follow; read content from the buffered `agent.thinking` event.
|
|
109
|
+
|
|
110
|
+
**Accumulate-and-reconcile pattern.** Treat the preview as a scratch buffer keyed by `(event_id, index)`. On `event_start`, create an empty entry for the announced `id`. On each `event_delta`, append `delta.content.text` to `(event_id, delta.index)` and render the running text. When the buffered `agent.message` arrives, match it by `id`, **discard the accumulated preview**, and render the message's content instead. The identifiers always line up: `event_start.event.id`, every `event_delta.event_id`, and the buffered event's `id` are the same value. On a normal turn the order is fixed: `session.status_running` → `span.model_request_start` → `event_start` → `event_delta`* → buffered `agent.message` → `span.model_request_end`. If the turn errors or is interrupted the buffered event may never arrive, but `span.model_request_end` still does — close any unreconciled preview when you see it. Python/TypeScript/Go SDKs ship an accumulator helper that implements this; in other SDKs apply the manual pattern to the generated event types.
|
|
111
|
+
|
|
112
|
+
**Limitations:**
|
|
113
|
+
- **Best effort** — under load the server may shed deltas for an event; you receive a contiguous prefix and then no further deltas for that event. The buffered `agent.message` still arrives complete. Never treat an accumulated preview as final.
|
|
114
|
+
- **No replay on reconnect** — deltas are delivered only to the connection that opted in, while it's open. After a drop, follow the consolidation pattern in § Reconnecting after a dropped stream — the history fetch returns any buffered events emitted during the gap; missed deltas cannot be re-requested.
|
|
115
|
+
- **Primary thread, text only** — tool use, tool results, MCP results, and subagent-thread activity are never previewed.
|
|
116
|
+
- **Never persisted** — `event_start` / `event_delta` exist only on the live SSE stream, never in `GET /v1/sessions/{id}/events`.
|
|
117
|
+
|
|
118
|
+
---
|
|
119
|
+
|
|
120
|
+
## Steering Patterns
|
|
121
|
+
|
|
122
|
+
Practical patterns for driving a session via the events surface.
|
|
123
|
+
|
|
124
|
+
### Stream-first ordering
|
|
125
|
+
|
|
126
|
+
**Open the stream before sending events.** The stream only delivers events that occur *after* it's opened — it does not replay current state or historical events. If you send a message first and open the stream second, early events (including fast status transitions) arrive buffered in a single batch and you lose the ability to react to them in real time.
|
|
127
|
+
|
|
128
|
+
```ts
|
|
129
|
+
// ✅ Correct — stream and send concurrently
|
|
130
|
+
const [response] = await Promise.all([
|
|
131
|
+
streamEvents(sessionId), // opens SSE connection
|
|
132
|
+
sendMessage(sessionId, text),
|
|
133
|
+
]);
|
|
134
|
+
|
|
135
|
+
// ❌ Wrong — events before stream opens arrive as a single buffered batch
|
|
136
|
+
await sendMessage(sessionId, text);
|
|
137
|
+
const response = await streamEvents(sessionId);
|
|
138
|
+
```
|
|
139
|
+
|
|
140
|
+
**For full history,** use `GET /v1/sessions/{id}/events` (paginated list) — the stream only gives you live events from connection onward.
|
|
141
|
+
|
|
142
|
+
### Reconnecting after a dropped stream
|
|
143
|
+
|
|
144
|
+
**The SSE stream has no replay.** If your connection drops (httpx read timeout, network blip) and you reconnect, you only get events emitted *after* reconnection. Any events emitted during the gap are lost from the stream.
|
|
145
|
+
|
|
146
|
+
**The consolidation pattern:** on every (re)connect, overlap the stream with a history fetch and dedupe by event ID:
|
|
147
|
+
|
|
148
|
+
```python
|
|
149
|
+
def connect_with_consolidation(client, session_id):
|
|
150
|
+
# 1. Open the SSE stream first
|
|
151
|
+
stream = client.beta.sessions.events.stream(session_id=session_id)
|
|
152
|
+
|
|
153
|
+
# 2. Fetch history to cover any gap
|
|
154
|
+
history = client.beta.sessions.events.list(
|
|
155
|
+
session_id=session_id,
|
|
156
|
+
)
|
|
157
|
+
|
|
158
|
+
# 3. Yield history first, then stream — dedupe by event.id
|
|
159
|
+
seen = set()
|
|
160
|
+
for ev in history.data:
|
|
161
|
+
seen.add(ev.id)
|
|
162
|
+
yield ev
|
|
163
|
+
for ev in stream:
|
|
164
|
+
if ev.id not in seen:
|
|
165
|
+
seen.add(ev.id)
|
|
166
|
+
yield ev
|
|
167
|
+
```
|
|
168
|
+
|
|
169
|
+
### Message queuing
|
|
170
|
+
|
|
171
|
+
**You don't have to wait for a response before sending the next message.** User events are queued server-side and processed in order. This is useful for chat bridges where the user sends rapid follow-ups:
|
|
172
|
+
|
|
173
|
+
```ts
|
|
174
|
+
// All three go into one session; agent processes them in order
|
|
175
|
+
await sendMessage(sessionId, "Summarize the README");
|
|
176
|
+
await sendMessage(sessionId, "Actually also check the CONTRIBUTING guide");
|
|
177
|
+
await sendMessage(sessionId, "And compare the two");
|
|
178
|
+
// Stream once — agent responds to all three as a coherent turn
|
|
179
|
+
```
|
|
180
|
+
|
|
181
|
+
Events can be sent up to the Session at any time. There is no need to wait on a specific session status to enqueue new events via `client.beta.sessions.events.send()`
|
|
182
|
+
|
|
183
|
+
### Interrupt
|
|
184
|
+
|
|
185
|
+
An `interrupt` event **jumps the queue** (ahead of any pending user messages) and forces the session into `idle`. Use this for "stop" / "nevermind" / "cancel" commands:
|
|
186
|
+
|
|
187
|
+
```ts
|
|
188
|
+
await client.beta.sessions.events.send(sessionId, {
|
|
189
|
+
events: [{ type: 'interrupt' }],
|
|
190
|
+
});
|
|
191
|
+
```
|
|
192
|
+
|
|
193
|
+
The agent stops mid-task. It does not see the interrupt as a message — it just halts. Send a follow-up `user` event to explain what to do instead. If an outcome is active, the interrupt also marks `span.outcome_evaluation_end.result: "interrupted"` (see `shared/managed-agents-outcomes.md`).
|
|
194
|
+
|
|
195
|
+
> **Note**: Interrupt events may have empty IDs in the current implementation. When troubleshooting, use the `processed_at` timestamp along with surrounding event IDs.
|
|
196
|
+
|
|
197
|
+
### Event payloads
|
|
198
|
+
|
|
199
|
+
some events carry useful metadata beyond the status change itself:
|
|
200
|
+
|
|
201
|
+
`session.status_idle` — includes a `stop_reason` field which elaborates on why the session stopped and what type of further action is required by the user.
|
|
202
|
+
```json
|
|
203
|
+
{
|
|
204
|
+
"id": "sevt_456",
|
|
205
|
+
"processed_at": "2026-04-07T04:27:43.197Z",
|
|
206
|
+
"stop_reason": {
|
|
207
|
+
"event_ids": [
|
|
208
|
+
"sevt_123"
|
|
209
|
+
],
|
|
210
|
+
"type": "requires_action"
|
|
211
|
+
},
|
|
212
|
+
"type": "status_idle"
|
|
213
|
+
}
|
|
214
|
+
```
|
|
215
|
+
|
|
216
|
+
`span.model_request_end` contains a `model_usage` field for cost tracking and efficiency analysis:
|
|
217
|
+
|
|
218
|
+
```json
|
|
219
|
+
{
|
|
220
|
+
"type": "span.model_request_end",
|
|
221
|
+
"id": "sevt_456",
|
|
222
|
+
"is_error": false,
|
|
223
|
+
"model_request_start_id": "sevt_123",
|
|
224
|
+
"model_usage": {
|
|
225
|
+
"cache_creation_input_tokens": 0,
|
|
226
|
+
"cache_read_input_tokens": 6656,
|
|
227
|
+
"input_tokens": 3571,
|
|
228
|
+
"output_tokens": 727
|
|
229
|
+
},
|
|
230
|
+
"processed_at": "2026-04-07T04:11:32.189Z"
|
|
231
|
+
}
|
|
232
|
+
```
|
|
233
|
+
|
|
234
|
+
**`agent.thread_context_compacted`** — emitted when the conversation history was summarized to fit context. Includes `pre_compaction_tokens` so you know how much was squeezed:
|
|
235
|
+
|
|
236
|
+
```json
|
|
237
|
+
{
|
|
238
|
+
"id": "sevt_abc123",
|
|
239
|
+
"processed_at": "2026-03-24T14:05:15.787Z",
|
|
240
|
+
"type": "agent.thread_context_compacted"
|
|
241
|
+
}
|
|
242
|
+
```
|
|
243
|
+
|
|
244
|
+
### Archive
|
|
245
|
+
|
|
246
|
+
When done with a session, archive it to free resources:
|
|
247
|
+
|
|
248
|
+
```ts
|
|
249
|
+
await client.beta.sessions.archive(sessionId);
|
|
250
|
+
```
|
|
251
|
+
|
|
252
|
+
> Archiving a **session** is routine cleanup — sessions are per-run and disposable. **Do not generalize this to agents or environments**: those are persistent, reusable resources, and archiving them is permanent (no unarchive; new sessions cannot reference them). See `shared/managed-agents-overview.md` → Common Pitfalls.
|