Canonical contracts
Manifest, OpenAPI, llms.txt, and workflow JSON describe supported external behavior.
Agent entrypoint
Operate authored Imogenes through bounded authority contracts.
IMOGENE is an authenticated control plane for authored, persistent Imogenes. Agents discover contracts, authenticate, read canon, issue manifests, run delegated jobs, inspect bounded proof surfaces, and report provenance without inventing identity.
Access boundary
Public agents can discover sanitized contracts. Private operation requires an authorized user session, user-supplied workspace data, and approval boundaries from the control plane.
The Player manifest reports pairing status and never creates a second authority or approval bypass.
Delegated operation
Agents operate canonical objects only after a human grants session-backed access.
Identity cards
Agents inspect durable identity, likeness anchors, missing fields, and approval history.
Callable tools
Agents can run identity, readiness, memory, media, approval, and delegated-job tools.
Player boundary
The Player manifest reports pairing state without changing canonical authority.
Provenance queues
Approvals, artifact waits, user-input waits, and job state stay inspectable.
Public start
What an unauthenticated agent can inspect
1
GETPublic/llms.txt
Orient on IMOGENE
Understand that IMOGENE is the control plane for authored, persistent Imogenes with durable identity, versioned canon, memory boundaries, approvals, media lineage, runtime behavior, delegated jobs, and provenance.
Success: Agent can state that an Imogene is not a fresh agent instance, system-prompt wrapper, AGENTS.md file, or loose prompt template; Morgan is the formal Castor engine, Sarah is the formal Pneuma engine, public discovery is sanitized, and private operation requires an authorized user session.
2
GETPublic/api/agents/openapi.json
Load machine contracts
Import the OpenAPI contract and auth boundaries before attempting operation.
Success: Agent can identify public discovery routes and Clerk-session routes.
3
GETPublic/api/player/manifest
Discover Player runtime boundary
Check Player pairing status before assuming local runtime capabilities.
Success: Agent can state that an unpaired Player advertises no local capabilities and cannot create a second source of canonical authority, expose local files, or bypass approvals.
4
GETPublic/api/agents/tools
Load callable tools
Discover callable IMOGENE tools, input schemas, output schemas, and the authenticated run endpoint.
Success: Agent can name identity, readiness, media, permission, memory, delegated-job, and social account tools.
Delegated operation
What an authorized agent can operate for a user
Authenticated ownerhttps://imogene.cc/sign-in
Authenticate or request access
Obtain an authorized user session before touching Imogene identity, thread, runtime, memory, approval, or provenance data.
Success: Agent has an authorized user session or explicitly reports that operation is blocked by missing auth.
GETAuthenticated owner/api/morgan
List Morgan contracts
Read public-safe Morgan runtime contracts and select the canonical Imogene profile to operate.
Success: Agent has a profileId/personaVersionId pair from a sanitized contract.
GETAuthenticated owner/api/morgan/profile-state?profileId={profileId}
Read Morgan profile state
Inspect operator-readable identity, readiness, media, runtime, world-context, next-action, and generation/recreation cards before changing canon or media.
Success: Agent can summarize what exists, where media came from, whether each asset is recreatable, which approvals apply, and what should happen next without raw local paths or private prompt text.
GETAuthenticated owner/api/agents/identity-lifecycle?profileId={profileId}
Read identity lifecycle
Read the profile lifecycle stage, source coverage, blockers, and next action before changing identity, media, memory, runtime, or publication state.
Success: Agent can name the current lifecycle stage and the next lifecycle action from owner-scoped state.
GETAuthenticated owner/api/agents/control-plane/state?profileId={profileId}
Read control-plane state
Read actor capabilities, authority status, work orders, jobs, approvals, and safe next actions before starting new delegated work.
Success: Agent can decide whether to inspect, request approval, create a work order, materialize a job, or wait without scraping UI state.
POSTAuthenticated owner/api/agents/tools/run
Run an IMOGENE tool
Use a real callable tool instead of scraping UI state or inventing identity context.
Success: Response includes imogene.agent-tool-result/v1 with structured tool output.
POSTAuthenticated owner/api/agents/tools/run
Inspect identity state
Read the current Imogene operating state before importing identity v2, creating media, requesting approvals, or mutating jobs.
Success: Response includes imogene.identity-inspection/v1, identity v2 presence or missing status, readiness/media/memory/runtime summaries, blockers, and safe next actions.
GETAuthenticated owner/api/agents/identity-card?profileId={profileId}
Read agent identity card
Understand what the Imogene is for, which identity assets anchor likeness, what fields are missing, and where user approval is required.
Success: Agent can state that it operates the identity under delegation, does not assume it, and can list the headshot/full-body/reference status plus missing humanizing fields.
POSTAuthenticated owner/api/agents/tools/run
Request identity v2 review
Ask for operator authority before preparing a behavior-affecting identity mutation.
Success: Response includes a pending approval record; canonical identity updates are executed only through operator or server-authority-bound paths.
POSTAuthenticated owner/api/agents/tools/run
Check readiness gates
Know exactly which gates block operation before generating media, publishing, or using the identity commercially.
Success: Response includes draft, identity, media, memory, internet, campaign, publish, and commercial gates with blockers and nextTools.
POSTAuthenticated owner/api/agents/tools/run
Plan media pack
Determine the next required GPT Image 2/image asset without guessing from browser state.
Success: Response names the next required identity-pack slot, its ready/pending/missing state, and the tools needed to generate a GPT Image 2 recipe or approve it.
POSTAuthenticated owner/api/agents/tools/run
Request approval
Represent approval boundaries as durable records instead of loose instructions.
Success: Response includes an opaque approval handle, scope, status, reason, and ref count that can be resolved server-side before gated actions continue.
GETAuthenticated owner/api/agents/operator-actions?profileId={profileId}
Review operator queue
Read approval and operator-action state before continuing gated identity, memory, media, publish, or social work.
Success: Agent can identify waiting actions, safe action handles, and which supported route should be used next without receiving raw approval or mutation refs.
POSTAuthenticated owner/api/agents/drafts/{draftId}/promote
Promote approved draft
Move an approved private external draft into the Morgan authoring flow through the supported authenticated route.
Success: Response returns a promoted Morgan draft or a clear approval/readiness blocker.
POSTAuthenticated owner/api/agents/tools/run
Read and update memory
Use continuity tools to read memory, propose writes, commit only approved writes, and inspect relationship graph state.
Success: Agent can return committed memory sections, explicitly requested pending proposals, timeline entries, and relationship edges without inventing private facts.
POSTAuthenticated owner/api/agents/work-orders
Create bounded work order
Create an inspectable operational plan before downstream jobs, social, browser, Player, or OpenClaw work.
Success: Response returns a sanitized work-order handle, readiness state, blocker list, and expected outcome summary.
GETAuthenticated owner/api/agents/runs/{runId}
Read run graph
Resume or review a delegated objective from structured work-order, job, evidence, approval, and checkpoint state.
Success: Agent can reconstruct the current status and next action without relying on chat transcript state.
POSTAuthenticated owner/api/agents/tools/run
Create non-mutating delegated job
Turn a read-only or plan-only objective into an inspectable multi-step job. Use work-order creation and materialization for mutation-capable executable work.
Success: Response includes route-safe job status, planned-step summaries, next-action hints, and safe artifact summaries, or rejects mutation-capable direct creation with a clear work-order requirement.
POSTAuthenticated owner/api/agents/tools/run
Manage social accounts
Create the agent-operable account interface for registered Instagram and Threads account bindings, including manual user packet flow when Meta API access is unavailable.
Success: Response includes account health, queues, Meta API operations, manual user requirements, bulk actions, connector requirements, and data-agent attributes that a browser agent can operate.
GETAuthenticated owner/api/social/operator-inbox
Read social operator inbox
Inspect manual post packets, watchlist items, native handoffs, and social-related operator actions before planning public-facing work.
Success: Agent can report the owner-scoped social work queue and the next supported route without inventing account state.
POSTAuthenticated owner/api/runtime-manifest
Issue runtime manifest
Create the explicit executable contract IMOGENE is authorized to run for the canonical object.
Success: Response includes manifest and storage state through supported response fields.
GETAuthenticated owner/api/morgan/world-context?profileId={profileId}
Read campaign world context
Ground behavior in user-authored rooms, objects, routines, and campaign context.
Success: Agent can describe which world-context refs will affect runtime behavior, or report none/unavailable explicitly.
Authenticated ownerhttps://imogene.cc/app/chat
Operate proof surface
Use chat only after contract and context are understood.
Success: Agent can produce or inspect a turn without losing Imogene identity, provenance, or continuity context.
GETAuthenticated owner/api/provenance?limit=50
Inspect provenance and continuity
Report what changed, which refs affected behavior, and whether continuity was preserved.
Success: Agent returns a concise user report with manifest, world, chat, and continuity refs.
Human handoffs
Where the user stays in control
- Grant or deny session access.
- Provide campaign goal, cultural lane, voice constraints, and taste judgment.
- Approve publishing, destructive memory actions, forks, exports, or public-facing campaign changes.