Reference
Agent integration recipes
Generated rules for safe agent use of the SDK and CLI alpha surface.
Agents may use the SDK or public CLI for read-only database/destination inspection, ad hoc backup trigger, backup status polling, restore session creation, explicit CLI-local restore execution, restore status reads, and evidence metadata reads when provided with an appropriately scoped API key.
Safe CLI Pattern
walwarden --json profile validate
walwarden --json database list
walwarden --json destination list
walwarden --json backup trigger --database "$WALWARDEN_DATABASE_ID" --wait
walwarden --json evidence list --database "$WALWARDEN_DATABASE_ID"Evidence-Before-Success Rule
An agent must not mark a backup, migration, or restore drill successful until it has checked the relevant command result and evidence metadata. Backup completion alone proves only that a job completed; it is not the same as proven recoverability.
Forbidden Claims
- Do not claim the alpha public CLI can wait for or complete restore jobs through
restore create; that command only opens a CLI-local session. Userestore executefor the proven end-to-end local execution bridge (live disposable-target E2E rune2e-20260607T1941-8beaa08, evidence in #320). - Do not claim destination write, verify, attach, detach, or delete commands exist in the public CLI.
- Do not claim login or whoami commands exist.
- Do not claim PITR support.
- Do not claim offline evidence bundle verification through the public CLI/SDK alpha surface.
- Do not claim recoverability unless restore or evidence semantics support that exact claim.
Capability Status From Source Registry
| Capability | Status | Required scopes |
|---|---|---|
Manage protected databases (databases.manage) | planned | databases:read, databases:write |
Run and inspect backup jobs (backups.run) | available | databases:read, backups:trigger |
Inspect backup destinations (destinations.inspect) | available | destinations:read |
Run CLI-local restore jobs (restores.run) | available | restores:write, restores:read, evidence:read |
Read and verify evidence bundles (evidence.verify) | available | evidence:read, audit:read |
Preflight logical recovery eligibility (recovery.preflight) | planned | recovery:read |
Enable logical recovery window (recovery.enable) | planned | recovery:read, recovery:write |
Disable logical recovery window (recovery.disable) | planned | recovery:read, recovery:write |
Read logical recovery status (recovery.status) | planned | recovery:read |
Restore from logical recovery window (recovery.restore) | planned | recovery:read, recovery:write |
Unsupported or planned capabilities stay out of agent success claims until their status changes in packages/core/src/developerSurface.ts.