Security

Token, audit, and privacy boundaries

Bearer tokens are paid access credentials; logs avoid full tokens and raw sensitive request bodies.

Endpoint

https://codegraphcontext.clauxel.com/mcp

Authentication

Production calls require a paid bearer token. The checkout and token-claim endpoints return machine-readable instructions for agents.

Available tools

  • repo_graph_query returns structured JSON with verdict, reason, receipt_id, usage_units, and next_action.
  • symbol_impact_path returns structured JSON with verdict, reason, receipt_id, usage_units, and next_action.
  • branch_context_pack returns structured JSON with verdict, reason, receipt_id, usage_units, and next_action.
  • dependency_hotspot_report returns structured JSON with verdict, reason, receipt_id, usage_units, and next_action.

Example call

{"jsonrpc":"2.0","id":"call-1","method":"tools/call","params":{"name":"repo_graph_query","arguments":{"sample":"CodeGraph Context sample with public-safe workflow context, owner, policy, deadline, risk notes, and reviewer evidence."}}}

Setup pages