GitHub Agentic Access
GitHub exposes 2431 API operations that an AI agent could call, of which 1203 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 1228 read, 1101 write, 71 physical, and 31 safety-critical.
31 operations are classed safety-critical and should require human-in-the-loop approval at runtime.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
By consequence
Highest-consequence actions
The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.
| Method | Path | Consequence | Human-in-loop |
|---|---|---|---|
| PATCH | /applications/{client_id}/token | safety-critical | required |
| PATCH | /applications/{client_id}/token | safety-critical | required |
| DELETE | /enterprises/{enterprise}/actions/permissions/organizations/{org_id} | safety-critical | required |
| POST | /enterprises/{enterprise}/{security_product}/{enablement} | safety-critical | required |
| DELETE | /installation/token | safety-critical | required |
| DELETE | /installation/token | safety-critical | required |
| DELETE | /orgs/{org}/actions/permissions/repositories/{repository_id} | safety-critical | required |
| DELETE | /orgs/{org}/actions/permissions/repositories/{repository_id} | safety-critical | required |
| DELETE | /orgs/{org}/actions/permissions/repositories/{repository_id} | safety-critical | required |
| POST | /orgs/{org}/{security_product}/{enablement} | safety-critical | required |
| POST | /orgs/{org}/{security_product}/{enablement} | safety-critical | required |
| PUT | /repos/{owner}/{repo}/actions/workflows/{workflow_id}/disable | safety-critical | required |
| PUT | /repos/{owner}/{repo}/actions/workflows/{workflow_id}/disable | safety-critical | required |
| PUT | /repos/{owner}/{repo}/actions/workflows/{workflow_id}/disable | safety-critical | required |
| POST | /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches | safety-critical | required |
| POST | /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches | safety-critical | required |
| POST | /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches | safety-critical | required |
| POST | /repos/{owner}/{repo}/dispatches | safety-critical | required |
| POST | /repos/{owner}/{repo}/dispatches | safety-critical | required |
| POST | /repos/{owner}/{repo}/dispatches | safety-critical | required |
| POST | /repos/{owner}/{repo}/dispatches | safety-critical | required |
| DELETE | /repos/{owner}/{repo}/lfs | safety-critical | required |
| DELETE | /repos/{owner}/{repo}/lfs | safety-critical | required |
| DELETE | /repos/{owner}/{repo}/lfs | safety-critical | required |
| DELETE | /repos/{owner}/{repo}/lfs | safety-critical | required |
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/github-app-api-openapi.yml, openapi/github-auth-api-openapi.yml, openapi/github-code-of-conduct-api-openapi.yml,
openapi/github-codes-openapi.yml, openapi/github-emojis-openapi.yml, openapi/github-events-api-openapi.yml,
openapi/github-feeds-openapi.yml, openapi/github-gists-openapi.yml, openapi/github-gitignore-templates-openapi.yml,
openapi/github-installation-openapi.yml, openapi/github-issues-api-openapi.yml, openapi/github-licenses-openapi.yml,
openapi/github-manage-openapi.yml, openapi/github-markdown-openapi.yml, openapi/github-meta-openapi.yml,
openapi/github-networks-openapi.yml, openapi/github-notifications-openapi.yml, openapi/github-octocat-openapi.yml,
openapi/github-openapi.yml, openapi/github-organizations-openapi.yml, openapi/github-projects-openapi.yml,
openapi/github-rate-limit--openapi.yml, openapi/github-repo-actions-api-openapi.yml, openapi/github-repo-autolinks-api-openapi.yml,
openapi/github-repo-branches-api-openapi.yml, openapi/github-repo-code-scanning-api-openapi.yml,
openapi/github-repo-collaborators-api-openapi.yml, openapi/github-repo-dependabot-api-openapi.yml,
openapi/github-repo-hooks-api-openapi.yml, openapi/github-repo-invitations-api-openapi.yml,
openapi/github-repo-issues-api-openapi.yml, openapi/github-repo-projects-api-openapi.yml,
openapi/github-repo-pulls-api-openapi.yml, openapi/github-repo-subscription-api-openapi.yml,
openapi/github-repo-tags-api-openapi.yml, openapi/github-repos-api-openapi.yml, openapi/github-scim-openapi.yml,
openapi/github-search-api-openapi.yml, openapi/github-setup-openapi.yml, openapi/github-teams-openapi.yml,
openapi/github-users-api-openapi.yml, openapi/github-zen-openapi.yml, openapi/temp.json
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 2431
by_action_class:
connected: 1228
acting: 1203
by_consequence:
read: 1228
write: 1101
safety-critical: 31
physical: 71
human_in_the_loop_required: 31
operations:
- path: /app
method: get
operationId: getTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app-manifests/{code}/conversions
method: post
operationId: creategithubAppFrommanifest
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /app/hook/config
method: get
operationId: getwebhookConfigurationForAnApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/hook/config
method: patch
operationId: updatewebhookConfigurationForAnApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /app/hook/deliveries
method: get
operationId: listDeliveriesForAnAppWebhook
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/hook/deliveries/{delivery_id}
method: get
operationId: getdeliveryForAnAppWebhook
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/hook/deliveries/{delivery_id}/attempts
method: post
operationId: redeliverdeliveryForAnAppWebhook
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /app/installation-requests
method: get
operationId: listInstallationRequestsForTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/installations
method: get
operationId: listInstallationsForTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/installations/{installation_id}
method: get
operationId: getAnInstallationForTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/installations/{installation_id}
method: delete
operationId: deleteAnInstallationForTheAuthenticatedApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /app/installations/{installation_id}/access_tokens
method: post
operationId: createAnInstallationAccessTokenForAnApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /app/installations/{installation_id}/suspended
method: put
operationId: suspendAnAppInstallation
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /app/installations/{installation_id}/suspended
method: delete
operationId: unsuspendAnAppInstallation
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /applications/grants
method: get
operationId: listYourGrants
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /applications/grants/{grant_id}
method: get
operationId: getsingleGrant
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /applications/grants/{grant_id}
method: delete
operationId: deletegrant
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /applications/{client_id}/grant
method: delete
operationId: deleteAnAppAuthorization
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /applications/{client_id}/token
method: post
operationId: checktoken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /applications/{client_id}/token
method: patch
operationId: resetToken
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /applications/{client_id}/token
method: delete
operationId: deleteAnAppToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /applications/{client_id}/token/scoped
method: post
operationId: createscopedAccessToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /apps/{app_slug}
method: get
operationId: getAnApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/actions/runs/{run_id}/approvals
method: get
operationId: getTheReviewHistoryForworkflowRun
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
method: get
operationId: getAppsWithAccessToTheProtectedBranch
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
method: post
operationId: addAppAccessRestrictions
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
method: put
operationId: setAppAccessRestrictions
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
method: delete
operationId: removeAppAccessRestrictions
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /admin/users/{username}/authorizations
method: post
operationId: createAnImpersonationOauthToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /admin/users/{username}/authorizations
method: delete
operationId: deleteAnImpersonationOauthToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /authorizations
method: get
operationId: listYourAuthorizations
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /authorizations
method: post
operationId: createnewAuthorization
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /authorizations/clients/{client_id}
method: put
operationId: getOrCreateAnAuthorizationForspecificApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /authorizations/clients/{client_id}/{fingerprint}
method: put
operationId: getOrCreateAnAuthorizationForspecificAppAndFingerprint
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /authorizations/{authorization_id}
method: get
operationId: getsingleAuthorization
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /authorizations/{authorization_id}
method: patch
operationId: updateAnExistingAuthorization
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /authorizations/{authorization_id}
method: delete
operationId: deleteAnAuthorization
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /setup/api/settings/authorized-keys
method: get
operationId: getAllAuthorizedSshKeys
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /setup/api/settings/authorized-keys
method: post
operationId: addAnAuthorizedSshKey
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /setup/api/settings/authorized-keys
method: delete
operationId: removeAnAuthorizedSshKey
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /codes_of_conduct
method: get
operationId: getAllCodesOfConduct
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /codes_of_conduct/{key}
method: get
operationId: getCodeOfConduct
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /codes_of_conduct
method: get
operationId: codes-of-conduct/get-all-codes-of-conduct
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /codes_of_conduct/{key}
method: get
operationId: codes-of-conduct/get-conduct-code
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /emojis
method: get
operationId: getEmojis
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/events/{event_id}
method: get
operationId: getAnIssueEvent
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /users/{username}/events/orgs/{org}
method: get
operationId: listOrganizationEventsForTheAuthenticatedUser
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /users/{username}/events/public
method: get
operationId: listPublicEventsForUser
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /feeds
method: get
operationId: getFeeds
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gists/public
method: get
operationId: listPublicGists
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gists/starred
method: get
operationId: listStarredGists
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gists/{gist_id}
method: get
operationId: getgist
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gists/{gist_id}
method: patch
operationId: updategist
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /gists/{gist_id}
method: delete
operationId: deletegist
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /gists/{gist_id}/comments
method: get
operationId: listGistComments
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gists/{gist_id}/comments
method: post
operationId: creategistComment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /gists/{gist_id}/comments/{comment_id}
method: get
operationId: getgistComment
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gists/{gist_id}/comments/{comment_id}
method: patch
operationId: updategistComment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /gists/{gist_id}/comments/{comment_id}
method: delete
operationId: deletegistComment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /gists/{gist_id}/commits
method: get
operationId: listGistCommits
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gists/{gist_id}/forks
method: get
operationId: listGistForks
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gists/{gist_id}/forks
method: post
operationId: forkgist
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /gists/{gist_id}/star
method: get
operationId: checkIfgistIsStarred
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gists/{gist_id}/star
method: put
operationId: stargist
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /gists/{gist_id}/star
method: delete
operationId: unstargist
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /gists/{gist_id}/{sha}
method: get
operationId: getgistRevision
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /gitignore/templates/{name}
method: get
operationId: getGitignoreTemplate
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/installation-requests
method: get
operationId: listInstallationRequestsForTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/installations
method: get
operationId: listInstallationsForTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/installations/{installation_id}
method: get
operationId: getAnInstallationForTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /app/installations/{installation_id}
method: delete
operationId: deleteAnInstallationForTheAuthenticatedApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /app/installations/{installation_id}/access_tokens
method: post
operationId: createAnInstallationAccessTokenForAnApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /app/installations/{installation_id}/suspended
method: put
operationId: suspendAnAppInstallation
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /app/installations/{installation_id}/suspended
method: delete
operationId: unsuspendAnAppInstallation
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /installation/repositories
method: get
operationId: listRepositoriesAccessibleToTheAppInstallation
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /installation/token
method: delete
operationId: revokeAnInstallationAccessToken
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /orgs/{org}/installation
method: get
operationId: getAnOrganizationInstallationForTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /orgs/{org}/installations
method: get
operationId: listAppInstallationsForAnOrganization
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/installation
method: get
operationId: getrepositoryInstallationForTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /user/installations
method: get
operationId: listAppInstallationsAccessibleToTheUserAccessToken
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /user/installations/{installation_id}/repositories
method: get
operationId: listRepositoriesAccessibleToTheUserAccessToken
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /user/installations/{installation_id}/repositories/{repository_id}
method: put
operationId: addrepositoryToAnAppInstallation
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /user/installations/{installation_id}/repositories/{repository_id}
method: delete
operationId: removerepositoryFromAnAppInstallation
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /users/{username}/installation
method: get
operationId: getuserInstallationForTheAuthenticatedApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/comments
method: get
operationId: listIssueCommentsForRepository
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/comments/{comment_id}
method: get
operationId: getAnIssueComment
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/comments/{comment_id}
method: patch
operationId: updateAnIssueComment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/issues/comments/{comment_id}
method: delete
operationId: deleteAnIssueComment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions
method: get
operationId: listReactionsForAnIssueComment
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions
method: post
operationId: createReactionForAnIssueComment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions/{reaction_id}
method: delete
operationId: deleteAnIssueCommentReaction
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/issues/events
method: get
operationId: listIssueEventsForRepository
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/events/{event_id}
method: get
operationId: getAnIssueEvent
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/{issue_number}
method: get
operationId: getAnIssue
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/{issue_number}
method: patch
operationId: updateAnIssue
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/issues/{issue_number}/assignees
method: post
operationId: addAssigneesToAnIssue
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/issues/{issue_number}/assignees
method: delete
operationId: removeAssigneesFromAnIssue
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/issues/{issue_number}/assignees/{assignee}
method: get
operationId: checkIfUserCanBeAssignedToIssue
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/{issue_number}/comments
method: get
operationId: listIssueComments
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/{issue_number}/comments
method: post
operationId: createAnIssueComment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /repos/{owner}/{repo}/issues/{issue_number}/events
method: get
operationId: listIssueEvents
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/issues/{issue_number}/labels
method: get
operationId: listLabelsForAnIssue
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /repos/{owner}/{repo}/i
# --- truncated at 32 KB (751 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/github/refs/heads/main/agentic-access/github-agentic-access.yml