AgentSkillsCN

api-spec

正式的 API 规范参考。适用于实施 API 操作、检查实体定义、理解权限,或验证业务规则时使用。

SKILL.md
--- frontmatter
name: api-spec
description: Formal API specification reference. Use when implementing API operations, checking entity definitions, understanding permissions, or validating business rules.

API Specification Reference

The formal specification is attached to the project. Key files:

FileContents
04_Entities.mdAll entity definitions with fields
05_Relationships_States.mdState machines, ER relationships
06_Invariants.mdBusiness rules, constraints
07_Operations.mdAPI operations with pre/post conditions
08_Permissions.mdRole/tier permission matrix
09_Validation.mdSpec validation, webhook payloads
11_Storage.mdS3 structure, credit source rules, refund policy

Entity Quick Reference

User

code
id, email!, name?, avatar_url?, tier {starter|creator},
credits, ephemeral_storage_bytes, upgraded_at?, created_at, updated_at

Team

code
id, name, slug!, credits, ephemeral_storage_bytes, settings, created_at, updated_at

Membership

code
id, team_id FK, user_id FK, role {owner|admin|member|viewer}, created_at
UNIQUE(team_id, user_id)

Job

code
id, owner URN, triggered_by FK→User, project_id? FK→Project,
status {queued|processing|completed|failed|canceled},
spec_snapshot JSONB, options, progress, output?, error?,
credits_charged, failure_type?, credits_refunded,
idempotency_key?, started_at?, completed_at?, created_at, updated_at

Project

code
id, team_id FK, created_by FK→User, name,
status {draft|rendering|completed|archived}, spec JSONB,
created_at, updated_at

AssetFile

code
id, owner URN, uploaded_by FK→User, project_id? FK→Project,
filename, s3_key!, content_type, size_bytes,
status {pending|ready|failed}, metadata JSONB,
created_at, updated_at

Invitation

code
id, team_id FK, invited_by FK→User, email,
role {admin|member|viewer}, token!, expires_at,
accepted_at?, revoked_at?, created_at
Derived: state ∈ {pending|accepted|expired|revoked}

URN Patterns

PatternExampleWho Can Use
framecast:user:<user_id>framecast:user:usr_abcStarter or Creator
framecast:team:<team_id>framecast:team:tm_xyzCreator only
framecast:<team_id>:<user_id>framecast:tm_xyz:usr_abcCreator only

Key Invariants

User Invariants:

  • INV-U3: Starter users have no team memberships
  • INV-U5: User credits ≥ 0

Team Invariants:

  • INV-T1: Every team has ≥1 member
  • INV-T2: Every team has ≥1 owner
  • INV-T6: Team credits ≥ 0

Membership:

  • INV-M2: Role ∈ {owner, admin, member, viewer}
  • INV-M4: Only creator users can have memberships

Job:

  • INV-J1: Status ∈ {queued, processing, completed, failed, canceled}
  • INV-J6: Failed/canceled jobs must have failure_type
  • INV-J8: credits_refunded ≤ credits_charged
  • INV-J11: Project jobs must be team-owned
  • INV-J12: Max 1 active job per project

Cardinality Constraints:

  • CARD-2: Max 10 owned teams per user
  • CARD-3: Max 50 team memberships per user
  • CARD-4: Max 50 pending invitations per team
  • CARD-5: Max 5 concurrent jobs per team
  • CARD-6: Max 1 concurrent job per starter user

Rate Limits:

  • Starter: 60 RPM, Creator: 300 RPM
  • Invitation rate: 20 per day per team

Permission Matrix (Brief)

OperationOwnerAdminMemberViewer
Edit team settings
Invite members
Create projects
Delete projects
Trigger render
Cancel jobsOwn only
Manage webhooks

State Machines

Job.status

code
queued → processing → completed
           ↓
         failed

queued/processing → canceled (user action)

Project.status

code
draft → rendering → completed → archived
  ↑        ↓                       ↓
  └── (job failed) ←───────────────┘ (unarchive)

Invitation (derived)

code
pending → accepted (user accepts)
        → expired (expires_at reached)
        → revoked (admin action)

Credit Refund Policy

Failure TypeRefund
system100%
timeout100%
validationProportional to remaining work
canceledProportional × 0.9 (10% fee)

Webhook Events

code
job.queued, job.started, job.progress,
job.completed, job.failed, job.canceled

Signature: HMAC-SHA256(timestamp + "." + body, secret)

Endpoint Mapping (Key Operations)

OperationMethodEndpoint
Jobs
Create ephemeral jobPOST/v1/generate
Create project jobPOST/v1/projects/:id/render
Get jobGET/v1/jobs/:id
List jobsGET/v1/jobs
Cancel jobPOST/v1/jobs/:id/cancel
Clone jobPOST/v1/jobs/:id/clone
Get job events (SSE)GET/v1/jobs/:id/events
Projects
List projectsGET/v1/teams/:id/projects
Create projectPOST/v1/teams/:id/projects
Get projectGET/v1/projects/:id
Update projectPATCH/v1/projects/:id
Archive projectPOST/v1/projects/:id/archive
Unarchive projectPOST/v1/projects/:id/unarchive
Teams
List teamsGET/v1/teams
Create teamPOST/v1/teams
Get teamGET/v1/teams/:id
List membersGET/v1/teams/:id/members
Invitations
List invitationsGET/v1/teams/:id/invitations
Create invitationPOST/v1/teams/:id/invitations
Accept invitationPOST/v1/invitations/accept
Revoke invitationDELETE/v1/teams/:id/invitations/:id
Assets
Create upload URLPOST/v1/assets/upload-url
Confirm uploadPOST/v1/assets/:id/confirm
List assetsGET/v1/assets
Delete assetDELETE/v1/assets/:id
Webhooks
Create webhookPOST/v1/teams/:id/webhooks
List webhooksGET/v1/teams/:id/webhooks
Rotate secretPOST/v1/webhooks/:id/rotate-secret
Validation
Validate specPOST/v1/spec/validate
Estimate creditsPOST/v1/spec/estimate