Scaffold protection from a description

curl --request POST \ --url https://api.mnemom.ai/v1/protection/scaffold \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data ' { "description": "<string>", "hints": {} } '

{ "ok": true, "manifest": "<string>", "reasoning": "<string>", "cached": true, "model": "<string>", "suggested_catalog_entries": [ "<string>" ], "coverage_gaps": [ { "note": "<string>", "axis": "<string>" } ], "parse_warnings": [ "<string>" ] }

Authorizations

Authorization

string

header

required

Supabase JWT token in Authorization: Bearer header

Body

application/json

description

string

required

Free-form description of the agent / scope. Untrusted input — the system prompt instructs the model not to follow embedded directives.

Required string length: 20 - 2000

scope

enum<string>

Hint to the model about which scope the manifest will live at.

Available options:

platform,

org,

team,

agent

hints

object

Free-form key/value hints (industry, risk_appetite, existing_tools, etc).

model

enum<string>

Claude model to invoke. haiku is the default; sonnet for prose-heavy reasoning.

Available options:

haiku,

sonnet

Response

Scaffold ready. Editable; never auto-commits.

boolean

required

resource

enum<string>

required

Available options:

protection

manifest

string

required

YAML body of the scaffolded manifest.

reasoning

string

required

Care-framed prose explanation.

cached

boolean

required

True when the response was served from the description-hash cache.

model

string

required

Claude model id used for the call.

suggested_catalog_entries

string[]

coverage_gaps

object[]

Show child attributes

parse_warnings

string[]