Skip to main content
GET /api/contracts/tools
This is the strict SDK/Agent contract manifest. It is the source of truth for canonical dotted tools, auth requirements, permissions, anonymous access, sideEffect, costEffect, SDK mappings, Agent callability, trace events, and replay policy.
This endpoint is contract infrastructure and is now the canonical truth for the published SDK and Agent SDK packages.

Contract versus inventory

SurfaceRole
/api/contracts/toolsStrict SDK/Agent contract truth
/api/toolsBroad hosted compatibility inventory
sf describe --all --jsonLocal installed CLI command manifest
MCP toolsAdapter inventory for MCP hosts
Broad names such as get_world_state and get_regime_history are not SDK/Agent canonical names. SDK and Agent SDK code should use canonical dotted names such as world.read.

Example response

{
  "schemaVersion": "0.3.0-draft",
  "mode": "implemented",
  "tools": [
    {
      "name": "world.read",
      "status": "implemented",
      "stability": "beta",
      "authRequired": false,
      "permissions": ["read.public", "market_data", "read"],
      "access": {
        "anonymousAllowed": false
      },
      "sideEffect": "none",
      "costEffect": "api_cost",
      "risk": [],
      "schema": "WorldState",
      "http": {
        "method": "GET",
        "path": "/api/agent/world"
      },
      "sdk": {
        "package": "@spfunctions/sdk",
        "method": "sf.world.get()"
      },
      "agent": {
        "callable": true,
        "defaultEnabled": true,
        "name": "world.read"
      },
      "traceEvents": [
        "tool.call.started",
        "tool.call.completed",
        "tool.call.failed"
      ],
      "replay": {
        "replayable": true,
        "match": "tool+inputHash"
      }
    }
  ]
}

Access and cost fields

access.anonymousAllowed is an explicit allowlist. A tool is not anonymous just because authRequired is false. The SDK and Agent SDK use these fields differently:
  • SDK no-key bootstrap is limited to manifest inspection and explicitly allowlisted free reads.
  • Agent SDK live execution requires an API-keyed SDK client.
  • costEffect describes cost/quota exposure such as api_cost, search_cost, venue_request_cost, or llm_cost.
  • sideEffect describes product semantics such as none, user_write, runtime, paper_trade, or live_trade.
llm_cost is a costEffect, not a sideEffect.

Implemented mode

By default, the manifest returns implemented contract tools only. Deferred, deprecated, hallucination-risk, and forbidden surfaces are not active by default. Current implemented mode includes active strict contract tools for reads, candle/K-line data, thesis writes, and Kalshi or Polymarket execution/intent management. Live execution tools are not hard-forbidden; they are exposed only when the caller opts into live_trade side effects, cost ceilings, auth, and trade guardrails. Use review modes only for design tooling. Do not treat deferred entries as callable tools.