What you need
Almost nothing — and that's the point.
- An AI agent. Claude Code, Cursor, Grok, Gemini, Codex, Copilot… whatever you run. The collection is the spec; the agent is the engine.
- Tools you already have —
bash,curl,jq,openssl. Stock macOS or Linux. No Electron, no npm, no account. - Plain English. "Fire the zones endpoint against staging" — the agent reads the collection and goes.
The contract (MISSIVE.md) is runtime-neutral; the Claude skill is a ~25-line router the installer wires for you.
Get started
One command drops the contract and the full working toolchain — the vault, the deterministic auth-runner, its libraries, and the SigV4 test vectors. It never touches your code.
cd your-project curl -fsSL https://missive.daystra.com/install.sh | sh
Store a secret once (your terminal, not a chat transcript), then fire:
printf %s 'YOUR_TOKEN' | scripts/vault.sh set API_TOKEN scripts/missive-run.sh my-service.api.md "GET /things — list" --env prod
Start a collection from the template, pull a shape × auth
recipe from the patterns catalog, and keep secrets as
{{vault:NAME}} references — the Markdown never holds values.
The one shape
Every API — REST, GraphQL, webhook, action — collapses into one file shape. One file = one
collection; each ## heading = one endpoint with four sections:
- Request — the HTTP/GraphQL to fire (
{{env}},{{var:}},{{vault:}}references). - Checks — jq-style assertions against the response.
- Mock — canned JSON for offline dev.
- Notebook — an append-only log of what actually happened: every run, surprise, and schema truth, timestamped. This is what a static collection export never gives you.
Advanced auth is computed, not improvised: OAuth2 pre-request → Capture → cached
token (rotation-invalidated), HMAC and AWS SigV4 request signing (KAT-certified against the
real AWS SDK), and mTLS — all via scripts/missive-run.sh, emitting a
redacted verdict. Secrets never render into a file, a diff, or a transcript.
What's in the box
missive.daystra.com/ ├── MISSIVE.md the contract — agents fetch this ├── MISSIVE-TEMPLATE.md start a collection ├── MISSIVE-PATTERNS.md shape × auth recipes ├── install.sh curl … | sh — docs + vault + runner ├── llms.txt agent-readable summary ├── skills/claude/SKILL.md Claude adapter (install.sh wires it) └── examples/ ├── httpbin.api.md Basic auth + action POST — fired live ├── spotify.api.md OAuth2 → Capture → cached token — fired live ├── github.api.md GraphQL shape └── missive-releases.api.md this site, testing itself
Start here
Preview
Click any file above — it renders here, one at a time. Agents fetch the raw .md at the same URL.
Feedback
Something broken, missing, or great? Say it plainly — it lands in a real inbox.