API Overview
Base URL, authentication, and integration options for the Oathe behavioral security audit API.
Base URL
https://audit-engine.oathe.aiAll endpoint paths in the reference pages are relative to this base.
Authentication
The public API endpoints require no authentication. Submit audits, query results, and fetch badges freely. No API key, no signup, no paywall — free during beta.
Integration Options
| Surface | Best For | Get Started |
|---|---|---|
| MCP Server | AI agents with native tool calling | npx oathe-mcp — 5 tools, zero config. See MCP Server |
| REST API | CI/CD pipelines and programmatic integration | POST /api/submit with a skill URL. See Submit Audit |
| SKILL.md | LLMs checking skills before install | Read SKILL.md and follow the workflow |
Verdicts
Every audit produces a trust score (0–100) and a categorical verdict.
| Verdict | Score Range | Recommendation |
|---|---|---|
| SAFE | 80–100 | INSTALL |
| CAUTION | 50–79 | INSTALL_WITH_CAUTION |
| DANGEROUS | 20–49 | REVIEW_BEFORE_INSTALL |
| MALICIOUS | 0–19 | DO_NOT_INSTALL |
See Verdicts for full details on each verdict and recommendation.
Scoring Dimensions
The trust score is derived from six behavioral dimensions, each scored independently from 0–100 and weighted differently to produce the overall score.
| Dimension | API Field |
|---|---|
| Prompt Injection | prompt_injection |
| Data Exfiltration | data_exfiltration |
| Code Execution | code_execution |
| Clone Behavior | clone_behavior |
| Canary Integrity | canary_integrity |
| Behavioral Reasoning | behavioral_reasoning |
See Scoring Dimensions for what each dimension evaluates.
Error Handling
All errors return JSON with statusCode, name, and message fields. See Error Codes for the full list.
Rate Limits
Audit submissions (POST /api/submit) are rate-limited. Read endpoints are not. See Rate Limits for details.
Idempotency
POST /api/submit supports an Idempotency-Key request header for safe retries. See Submit Audit for details.
Response Format
All endpoints return JSON. No SDK is required — standard HTTP clients work. Responses use consistent field naming across all endpoints:
audit_id— Unique audit identifier (UUID)skill_url— The submitted GitHub or ClawHub URLskill_slug— Short form:user/repotrust_score— Composite score, 0–100verdict—SAFE,CAUTION,DANGEROUS, orMALICIOUSrecommendation—INSTALL,INSTALL_WITH_CAUTION,REVIEW_BEFORE_INSTALL, orDO_NOT_INSTALLstatus— Audit lifecycle stage