Agent and API policy

Agent, API, and MCP safety policy

Limowo supports safe marketplace discovery for humans and agents, while keeping writes, publication, payments, account administration, and MCP access behind explicit controls and release gates.

Last updated: 1 July 2026

Open agent portal

Public discovery

/agents, /llms.txt, OpenAPI

Writes

Feature-gated and human-approved

Excluded

Shell, SQL, filesystem, arbitrary HTTP

Current public agent surfaces

Limowo exposes public agent discovery surfaces for safe reading and integration planning: the agent portal, terminal page, llms.txt, the well-known agent manifest, and the agent command OpenAPI route.

Allowed public behavior

Public agents may discover marketplace capabilities, inspect documented command schemas, search public listings or categories where enabled, and route people to Limowo pages for review. Public agents must not impersonate users or perform private actions without authorization.

Human approval for writes

Listing draft creation, publication, messaging, or other state-changing actions must be feature-gated, scoped, prepared, reviewed, approved by a human where required, idempotent, and auditable before execution.

Strictly excluded capabilities

Agent/API integrations must not expose arbitrary shell execution, SQL, unrestricted GraphQL, filesystem access, unrestricted outbound HTTP, account administration, autonomous publication, autonomous purchase, payment authority, shipping-label purchase, or dispute handling.

MCP release gates

Remote MCP and any local stdio bridge remain release-gated. They should only expose registry-backed tools after protocol, authorization, session, Origin, content-negotiation, cancellation, observability, and rollback checks pass.

Data and privacy boundaries

Agents should receive only the minimum data needed for the command and scope. Private account, message, payment, producer, and support data must remain protected by authentication, authorization, feature flags, audit logs, and privacy controls.

Operational readiness

Before broad production rollout, Limowo should complete delegated authorization, durable command state, approval records, grant revocation, rate limits, abuse monitoring, incident response, compatibility policy, localized owner surfaces, and production acceptance tests.

Cookie notice

We use cookies for analytics so we can understand how you use limowo.ch. You can accept to help us improve, or reject if you prefer.

Agent, API, and MCP safety policy | Limowo