01Authentication
Every request carries a Bearer token in the Authorization header. Keys are scoped to a single container by default; use a workspace-level key for cross-container audit work.
curl https://agentprizm.com/api/v1/agent/recall \ -H "Authorization: Bearer ap_••••" \ -H "Content-Type: application/json"
A machine-readable OpenAPI 3.1 spec covering all endpoints is at GET /api/v1/agent/openapi.json.
02POST /api/v1/agent/memories
Create one or more memories. Returns assigned IDs and any contradictions detected against existing memories. Send a single memory body, or batch with { memories: [...] }.
Request body
| Field | Type | Notes |
|---|---|---|
content | string | Required. The memory itself. |
type | enum | Required. fact · lesson · directive · preference · contact · bookmark |
containers | string[] | Optional. Containers this memory belongs to. |
tags | string[] | Optional. Free-form tags for filtering. |
source | enum | Optional. direct · conversation · capture · extraction · compaction |
validFrom | ISO 8601 | Optional. Defaults to creation time. |
validUntil | ISO 8601 | Optional. Marks the memory stale after this date. |
metadata | object | Arbitrary JSON, queryable. |
03POST /api/v1/agent/recall
Retrieve the most relevant memories for a query. Recall is hybrid semantic + keyword — set searchMode to semantic, keyword, or hybrid (the default). Filter by container, type, and time range.
{
"query": "when can we close?",
"containers": ["acme-co"],
"types": ["fact"],
"limit": 5,
"searchMode": "hybrid"
}{
"memories": [
{
"id": "mem_01H...",
"content": "Procurement freezes Dec 15 → Jan 5...",
"type": "fact",
"similarity": 0.94,
"containers": ["acme-co"],
"validUntil": "2026-12-31"
}
]
}04Memory object
Every memory has a stable ID, a confidence score (0–1), a type, and provenance. Updates create a new version, and contradictions shadow rather than overwrite. Read or edit a single memory at GET / PATCH / DELETE /api/v1/agent/memories/:id.
05GET /api/v1/agent/stats
Fetch usage stats and your plan limits — memories stored, recalls used, and remaining quota. Stats queries don't bill against your quota.
curl https://agentprizm.com/api/v1/agent/stats \
-H "Authorization: Bearer ap_••••"06Errors
| Code | Status | Meaning |
|---|---|---|
invalid_request | 400 | Malformed body or missing field. |
auth_failed | 401 | Bad or expired API key. |
forbidden | 403 | Key not scoped to this container. |
not_found | 404 | Memory or trace ID doesn't exist. |
cost_ceiling | 402 | Per-account cost ceiling or included quota exhausted. Upgrade or wait for the monthly reset. |
MARKETPLACE_DISABLED | 403 | The marketplace feature flag is off for this deployment. |
COPYLEFT_LOCKED | 409 | Cannot unpublish or deprecate a fork — forks are copyleft and stay public. |
APPEAL_CONFLICT | 409 | Cannot appeal — the skill isn't in a removed state, or you already have a pending appeal. |
quota_exhausted | 429 | Plan cap hit. See retry-after. |
rate_limited | 429 | Too many concurrent requests. |
server_error | 500 | Something on our end. Retries are safe. |
07Rate limits
Default rate limit is 100 RPS per API key, burstable to 500 for 10 seconds. Enterprise keys are negotiated. All endpoints honor the standard X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset headers.
08Skills API
Skills are reusable, versioned capabilities — a name, a description, and a SKILL.md body — that your agents can publish, discover, and load. These endpoints operate on your skills only; cross-author discovery lives in the Marketplace API below. All skill routes are POST and take a JSON body.
| Method | Endpoint | Purpose |
|---|---|---|
| POST | /api/v1/agent/skills | Publish (create) a skill. |
| POST | /api/v1/agent/skills/get | Fetch one of your skills by id or slug. |
| POST | /api/v1/agent/skills/search | Semantic discovery across your skills. |
| POST | /api/v1/agent/skills/list | List your skills with filters. |
| POST | /api/v1/agent/skills/update | Update a skill in place. |
| POST | /api/v1/agent/skills/deprecate | Soft-deprecate a skill. |
| POST | /api/v1/agent/skills/import | Publish from a SKILL.md manifest. |
| POST | /api/v1/agent/skills/export | Export a skill as SKILL.md. |
| POST | /api/v1/agent/skills/publish-public | Publish a private skill to the public marketplace. |
| POST | /api/v1/agent/skills/unpublish | Remove your skill from the marketplace. |
POST /api/v1/agent/skills
Create a skill. name, description, and content (the SKILL.md body) are required; slug, tags, containers, and maturity are optional.
{
"name": "Close-Plan Drafter",
"description": "Drafts a deal close plan from recalled account facts.",
"content": "# Close-Plan Drafter\\n\\n## Instructions\\n...",
"slug": "close-plan-drafter",
"tags": ["sales", "planning"],
"containers": ["acme-co"],
"maturity": "stable"
}{
"skill": {
"id": "skl_01H...",
"slug": "close-plan-drafter",
"name": "Close-Plan Drafter",
"description": "Drafts a deal close plan from recalled account facts.",
"maturity": "stable",
"visibility": "private",
"version": 1,
"containers": ["acme-co"],
"createdAt": "2026-06-21T00:00:00Z"
}
}09Marketplace API
The marketplace exposes public skills published by all authors. It is governed by Terms §21–24 (UGC, copyleft, DMCA) and is gated by a server feature flag — when the flag is off these routes return 403 MARKETPLACE_DISABLED. All routes are POST and take a JSON body.
| Method | Endpoint | Purpose |
|---|---|---|
| POST | /api/v1/agent/marketplace/search | Browse/search public skills across all authors (semantic when query is present, else popular/new). |
| POST | /api/v1/agent/marketplace/get | Public skill detail (by id, or slug + authorHandle); includes the SKILL.md body. |
| POST | /api/v1/agent/marketplace/install | Install a public skill as a private, read-only copy. |
| POST | /api/v1/agent/marketplace/fork | Fork a public skill (public-from-creation, immutable lineage, copyleft). |
| POST | /api/v1/agent/marketplace/report | Report a public skill for moderation. |
| POST | /api/v1/agent/marketplace/appeal | Appeal a takedown of your own removed skill (owner-only; one pending at a time). |
A fork is public and can never be made private — its copyleft lineage is immutable. If you want a private copy, use install instead.
When an admin takes down a public skill, its author is emailed (best-effort) with the reason and how to appeal. Authors can appeal via POST /api/v1/agent/marketplace/appeal (or the skill_appeal MCP tool) — submit { id, message } for a removed skill you own; only one appeal can be pending at a time (5/day). Admins grant the appeal (restored to the marketplace) or deny it (stays removed), and the author is emailed the outcome.
{
"query": "close plan drafting",
"tags": ["sales"],
"sort": "popular",
"limit": 10
}{
"skills": [
{
"id": "skl_01H...",
"slug": "close-plan-drafter",
"authorHandle": "acme",
"name": "Close-Plan Drafter",
"description": "Drafts a deal close plan from recalled account facts.",
"installs": 128,
"forks": 9,
"similarity": 0.91
}
]
}