Pre-built capability scope templates for AgentPKI passports. Use these instead of inventing your own scope strings — every site verifying AgentPKI tokens will recognize them.
npm i @agentpki/scopesimport { AgentPKI } from '@agentpki/sdk';
import { Scopes } from '@agentpki/scopes';
const client = new AgentPKI({ passportProvider });
// Mint a passport with a pre-built scope pack:
const token = await client.mint({
sub: 'agent:mybot/v1',
scope: Scopes.commerce.checkout({ maxUsd: 100 }),
});
// scope: ['read:catalog', 'read:availability', 'read:pricing', 'read:reviews',
// 'request:quote', 'accept:quote', 'purchase:<=100usd',
// 'read:receipt', 'read:order-status', 'request:refund']| Pack | Description |
|---|---|
Scopes.commerce.readOnly |
Browse-only: catalog, availability, pricing, reviews. |
Scopes.commerce.checkout({ maxUsd }) |
Full checkout up to N USD per transaction. |
Scopes.commerce.subscriptionManagement({ maxUsdPerPeriod }) |
Manage recurring billing. |
| Pack | Description |
|---|---|
Scopes.scheduling.readOnly |
Read calendar + availability. |
Scopes.scheduling.fullAccess |
Book, reschedule, cancel, invite. |
Scopes.scheduling.windowed({ from, to }) |
Scheduling constrained to a time window. |
| Pack | Description |
|---|---|
Scopes.news.researchBot |
Articles + headlines + metadata + public data. |
Scopes.news.aggregator |
Headlines + RSS + sitemap. |
| Pack | Description |
|---|---|
Scopes.medical.triage |
Public health info + drug DB. No PHI. |
Scopes.medical.telehealthScheduling |
Schedule / reschedule / cancel visits. |
Scopes.medical.patientRecordsReadonly |
Read own records + lab results. |
| Pack | Description |
|---|---|
Scopes.financial.research |
Market data + filings + rates. |
Scopes.financial.accountReadonly |
Read balance + transactions + statements. |
Scopes.financial.payBills({ maxPerTransactionUsd, maxDailyUsd }) |
Pay bills with daily and per-tx caps. |
import { union, satisfies, parse } from '@agentpki/scopes';
// Combine multiple packs:
const combined = union(
Scopes.commerce.readOnly,
Scopes.scheduling.fullAccess,
);
// Check if a passport satisfies required scopes:
const ok = satisfies(passportToken.scope, [Scopes.commerce.READ_CATALOG]);
// Parse a parameterized scope:
const parsed = parse('purchase:<=100usd');
// { raw: 'purchase:<=100usd', action: 'purchase', resource: null,
// constraints: { usd: '<=100' } }Every AgentPKI verifier needs to enforce scope semantics consistently. If
Anthropic's agent says purchase:limit_100_usd and DataDome expects
purchase:<=100usd, both sides have to maintain mapping tables forever.
By using @agentpki/scopes, you guarantee:
- Your scope strings match every other AgentPKI integration's
- Verifiers don't need vendor-specific shims to enforce limits
- The protocol stays one source of truth
If a pack is missing for your industry, open an issue. We add scopes in batches as the ecosystem coalesces.
PRs welcome. New verticals live in src/<vertical>.ts and are added to
the top-level Scopes export in src/index.ts. Each vertical should:
- Export individual scope strings as named constants (UPPER_SNAKE_CASE)
- Export common packs as readonly arrays
- Export parameterized scope generators as functions
- Document any Tier-2 / Tier-3 issuer requirements in comments
MIT.
- AgentPKI v0.2 spec — protocol details
@agentpki/sdk— core SDKagentpkiCLI — terminal interface