Action Type Registry

Action types are strings that identify what an agent wants to do. They follow the convention provider.resource.verb and are used by the policy engine to match rules and by the Gateway to route execution to the correct connector.

Tip
Action types are user-defined strings. You can use any string you want. The types listed below are the ones the built-in Gateway connectors know how to execute. For policy-only mode (Mode B), you can invent any action type that makes sense for your domain.

Naming convention

provider.resource.verb

| Part | Description | Examples | |---|---|---| | provider | The external service or system | github, stripe, sendgrid, webhook | | resource | The entity being acted on | pr, issue, branch, release, file, transfer | | verb | The operation | create, merge, delete, close, comment, commit |

Examples: github.pr.merge, payment.transfer.initiate, email.send, webhook.post

GitHub connector

The GitHub connector executes actions via the GitHub API using a personal access token (PAT) configured in Settings > Integrations.

| Action type | Description | Required parameters | |---|---|---| | github.pr.create | Create a pull request | title, head, base, body (optional) | | github.pr.merge | Merge a pull request | pr_number, merge_method (optional: merge, squash, rebase) | | github.pr.comment | Comment on a pull request | pr_number, body | | github.pr.close | Close a pull request | pr_number | | github.branch.create | Create a branch | branch_name, from_ref (optional, defaults to default branch) | | github.branch.delete | Delete a branch | branch_name | | github.issue.create | Create an issue | title, body (optional), labels (optional) | | github.issue.comment | Comment on an issue | issue_number, body | | github.issue.close | Close an issue | issue_number | | github.release.create | Create a release | tag_name, name (optional), body (optional), draft (optional), prerelease (optional) | | github.file.commit | Commit a file | path, content, message, branch (optional) |

Resource format

{
  "resource": {
    "provider": "github",
    "account": "my-org",
    "target": "my-org/my-repo",
    "environment": "production"
  }
}

The target field must be in owner/repo format. The Gateway extracts the owner and repo from this field.

Webhook connector

The webhook connector sends HTTP requests to any URL. Use it for tools that don't have a dedicated connector.

| Action type | Description | HTTP method | |---|---|---| | webhook.post | Send a POST request | POST | | webhook.get | Send a GET request | GET | | webhook.put | Send a PUT request | PUT | | webhook.patch | Send a PATCH request | PATCH | | webhook.delete | Send a DELETE request | DELETE |

Parameters

| Parameter | Type | Description | |---|---|---| | url | string | Required. The target URL | | headers | object | Optional. HTTP headers to include | | body | object | Optional. Request body (JSON) | | query | object | Optional. Query string parameters |

Example

{
  "type": "webhook.post",
  "resource": {
    "provider": "webhook",
    "target": "https://api.example.com/v1/action"
  },
  "parameters": {
    "url": "https://api.example.com/v1/action",
    "headers": { "X-Custom-Header": "value" },
    "body": { "key": "value" }
  }
}
Warning
In Mode A (full enforcement), credentials should live in the Gateway, not in the action spec. Avoid putting API keys in parameters.headers — configure them as Gateway environment variables instead.

Custom action types

For policy-only mode (Mode B) or domains without a built-in connector, define your own action types. The policy engine evaluates any string — it doesn't need to match a Gateway connector.

Recommended conventions

| Domain | Prefix | Examples | |---|---|---| | Source control | github.*, gitlab.* | github.pr.merge, gitlab.mr.approve | | Payments | payment.* | payment.transfer.initiate, payment.refund.create | | Email | email.* | email.send, email.template.update | | Infrastructure | infra.* | infra.server.provision, infra.dns.update | | Database | db.* | db.query.execute, db.table.drop | | Agent orchestration | agent.* | agent.spawn, agent.delegate | | Access management | access.* | access.user.create, access.role.assign |

Example: custom payment action

{
  "type": "payment.transfer.initiate",
  "resource": {
    "provider": "stripe",
    "account": "acct_main",
    "target": "transfers",
    "environment": "production"
  },
  "parameters": {
    "amount": 25000,
    "currency": "usd",
    "destination": "acct_vendor_123"
  },
  "risk_hints": {
    "financial_impact": true,
    "irreversible": true
  }
}

This action type won't execute via the Gateway (no Stripe connector yet), but the policy engine will evaluate it against your policies. Your agent handles execution in Mode B.

Next steps