Seisoai
Base URL: https://seisoai.com
Primary endpoint: POST /api/gateway/invoke/{toolId} or POST /api/gateway/invoke with toolId in body.
Auth: X-API-Key or x402 payment (USDC on Base).
Agent-First Workflow (Do This Every Session)
- 1. Discover live tools:
-
GET /api/gateway/tools
- 2. For selected tools, fetch exact schema:
-
GET /api/gateway/tools/{toolId}
- 3. Optionally pre-price inputs:
-
GET /api/gateway/price/{toolId}
- 4. Invoke with API key or x402.
- If queue tool, poll job status/result URLs from response.
Do not rely on static tool lists when a live registry is available.
Auth Strategy
Use this decision order:
- 1. If you have a project API key, use
X-API-Key. - If you do not have a key, use x402 pay-per-request.
- Do not send browser CSRF tokens for machine clients.
API Key Example
CODEBLOCK0
x402 Example (2-step)
- 1. Call without payment header.
- Receive
402 with payment requirements. - Sign/pay on Base.
- Retry same request with one of:
-
payment-signature
-
x-payment
- �INLINECODE12
High-Value Endpoints
-
GET /api/gateway/tools
-
GET /api/gateway/tools/{toolId}
-
GET /api/gateway/price/{toolId}
-
GET /api/gateway/mcp-manifest
-
POST /api/gateway/invoke/{toolId}
-
POST /api/gateway/invoke
-
GET /api/gateway/jobs/{jobId}?model=...
-
GET /api/gateway/jobs/{jobId}/result?model=...
-
GET /api/gateway/agents
-
GET /api/gateway/agent/{agentId}
-
POST /api/gateway/agent/{agentId}/invoke/{toolId?}
- �INLINECODE24
Agent-Scoped Safety Controls (Mandatory)
For normal media generation (images, video, audio, 3D), use /api/gateway/invoke and the discovery endpoints above; no extra checks. The rules below apply only when the user explicitly asks to run or orchestrate a specific agent (e.g. a named bot or workflow).
Default posture: deny by default for agent-scoped routes (/api/gateway/agent/*). Use agent-scoped endpoints only when all checks pass:
- 1. Explicit task requirement
- Do not call
/agent/* routes unless the current task explicitly requires operating a specific agent.
- 2. Exact agent binding
- Resolve
agentId from a trusted source (
GET /api/gateway/agents or user-provided exact ID).
- Never infer or guess agent IDs from names/prompts.
- 3. Authorization boundary
- Use only the current caller credentials.
- Never attempt to reuse, escalate, or proxy credentials to access other tenants/owners.
- 4. Single-agent scope
- For one task, operate on one approved
agentId unless the user explicitly requests multi-agent execution.
- 5. Tool allowlist enforcement
- Before invoke/orchestrate, fetch
GET /api/gateway/agent/{agentId} and only use tool IDs declared for that agent.
- Reject tool IDs not listed in that agent definition.
- 6. No recursive orchestration
- Do not create self-referential orchestrations, orchestration loops, or fan-out patterns across unknown agents.
- 7. No broad discovery exfiltration
- Do not enumerate all agents unless needed for user task; prefer direct lookup when
agentId is known.
- 8. Audit trail requirement
- Log
agentId, route, tool ID, and reason for each agent-scoped call in agent run notes.
- 9. On mismatch or ambiguity: stop
- If ownership/scope/tool authorization is ambiguous, do not call
/agent/*; fall back to
/api/gateway/invoke.
Tool Selection Cheatsheet (Verified IDs)
Images
- - Fast text->image: �INLINECODE36
- Premium cinematic: �INLINECODE37
- Premium consistency: �INLINECODE38
- 360/panorama: �INLINECODE39
- Prompted edit: �INLINECODE40
- Face swap: �INLINECODE41
- Inpaint/outpaint:
image.inpaint, �INLINECODE43 - Background removal/layer: �INLINECODE44
- Upscale: �INLINECODE45
Video
- - Text->video (Veo): �INLINECODE46
- Image->video (Veo): �INLINECODE47
- First/last frame: �INLINECODE48
- Kling text:
video.generate.kling-3-pro-text, �INLINECODE50 - Kling image:
video.generate.kling-3-pro-image, �INLINECODE52 - Motion transfer: �INLINECODE53
Audio / Speech / Music
- - Voice clone TTS: �INLINECODE54
- TTS quality tiers:
audio.tts.minimax-hd, �INLINECODE56 - Lip sync: �INLINECODE57
- Transcription: �INLINECODE58
- Music: �INLINECODE59
- Sound FX: �INLINECODE60
- Stem separation: �INLINECODE61
3D
- - Image->3D standard: �INLINECODE62
- Image->3D pro: �INLINECODE63
- Text->3D pro: �INLINECODE64
- Fast image->3D: �INLINECODE65
- Mesh post-processing:
3d.smart-topology, �INLINECODE67
Minimal Payload Patterns
Text->image:
�CODEBLOCK1
Image edit:
�CODEBLOCK2
Text->video:
�CODEBLOCK3
DreamActor motion transfer:
�CODEBLOCK4
Voice clone TTS:
�CODEBLOCK5
3D image->mesh:
�CODEBLOCK6
Queue Handling Contract
If executionMode is queue, response includes job metadata. Use:
- 1.
statusUrl until completed/failed. - INLINECODE71� when completed.
Treat queue submit success as billable success (x402 settlement/API-key credit deduction already handled server-side).
Error Policy
- -
400: Schema/input mismatch. Re-fetch tool schema and correct fields. - INLINECODE73�: Missing/invalid payment or insufficient API key credits.
- INLINECODE74�: Tool/agent not found. Refresh registry.
- INLINECODE75�: Tool disabled. Select fallback in same category.
- INLINECODE76�: Retry with backoff; then switch model/tool.
Reliability Rules for Agents
- 1. Always discover live tools before planning multi-step flows.
- Use exact schema from
GET /tools/{toolId} for required fields. - Keep one tool call per request; chain in your agent.
- Prefer explicit model/tool IDs over natural-language routing assumptions.
- For retries, do not reuse stale x402 signatures.
- Treat
/api/gateway/agent/* as privileged routes and apply the mandatory safety controls above.
Self-Maintenance
When this file is updated:
- - Keep IDs aligned with
backend/services/toolRegistry.ts. - Update
last_synced and version. - Keep examples minimal and executable.
Changelog
- - [2026-02-09] v1.1.1 - Added mandatory safety controls for agent-scoped endpoints (deny-by-default, agent/tool scoping, anti-recursion, and audit requirements).
- [2026-02-09] v1.1.0 - Rewrote for agent discovery-first flow, corrected stale tool IDs/params, tightened auth/x402 guidance, and added queue/error reliability policy.
- [2026-02-08] v1.0.0 - Initial self-improvement protocol added.
Seisoai
基础URL:https://seisoai.com
主要端点:POST /api/gateway/invoke/{toolId} 或 POST /api/gateway/invoke(在请求体中包含 toolId)
认证方式:X-API-Key 或 x402 支付(Base链上的USDC)
智能体优先工作流(每次会话执行此流程)
- 1. 发现可用工具:
- GET /api/gateway/tools
- 2. 针对选定工具,获取精确模式:
- GET /api/gateway/tools/{toolId}
- 3. 可选:预先评估输入价格:
- GET /api/gateway/price/{toolId}
- 4. 使用API密钥或x402调用。
- 如果是队列工具,从响应中轮询任务状态/结果URL。
当存在实时注册表时,不要依赖静态工具列表。
认证策略
按以下决策顺序执行:
- 1. 如果有项目API密钥,使用 X-API-Key。
- 如果没有密钥,使用x402按请求付费。
- 机器客户端不要发送浏览器CSRF令牌。
API密钥示例
http
POST /api/gateway/invoke/image.generate.flux-2
X-API-Key: sklivexxx
Content-Type: application/json
{prompt:a sunset over mountains}
x402示例(两步)
- 1. 不带支付头调用。
- 收到包含支付要求的 402 响应。
- 在Base链上签名/支付。
- 使用以下任一方式重试相同请求:
- payment-signature
- x-payment
- payment
高价值端点
- GET /api/gateway/tools
- GET /api/gateway/tools/{toolId}
- GET /api/gateway/price/{toolId}
- GET /api/gateway/mcp-manifest
- POST /api/gateway/invoke/{toolId}
- POST /api/gateway/invoke
- GET /api/gateway/jobs/{jobId}?model=...
- GET /api/gateway/jobs/{jobId}/result?model=...
- GET /api/gateway/agents
- GET /api/gateway/agent/{agentId}
- POST /api/gateway/agent/{agentId}/invoke/{toolId?}
- POST /api/gateway/agent/{agentId}/orchestrate
智能体范围安全控制(强制)
对于常规媒体生成(图像、视频、音频、3D),使用 /api/gateway/invoke 和上述发现端点;无需额外检查。以下规则仅适用于用户明确要求运行或编排特定智能体(例如命名机器人或工作流)时。
默认姿态:智能体范围路由(/api/gateway/agent/*)默认拒绝。仅在所有检查通过时才使用智能体范围端点:
- 1. 明确的任务需求
- 除非当前任务明确要求操作特定智能体,否则不要调用 /agent/* 路由。
- 2. 精确的智能体绑定
- 从可信来源(GET /api/gateway/agents 或用户提供的精确ID)解析 agentId。
- 切勿根据名称/提示推断或猜测智能体ID。
- 3. 授权边界
- 仅使用当前调用者的凭证。
- 切勿尝试重用、提升或代理凭证以访问其他租户/所有者。
- 4. 单一智能体范围
- 对于单个任务,操作一个已批准的 agentId,除非用户明确请求多智能体执行。
- 5. 工具白名单强制执行
- 在调用/编排之前,获取 GET /api/gateway/agent/{agentId},仅使用该智能体声明的工具ID。
- 拒绝未在该智能体定义中列出的工具ID。
- 6. 无递归编排
- 不要创建自引用编排、编排循环或跨未知智能体的扇出模式。
- 7. 无广泛发现泄露
- 除非用户任务需要,否则不要枚举所有智能体;当已知 agentId 时,优先直接查找。
- 8. 审计追踪要求
- 在智能体运行记录中记录每次智能体范围调用的 agentId、路由、工具ID和原因。
- 9. 不匹配或歧义时:停止
- 如果所有权/范围/工具授权存在歧义,不要调用 /agent/*;回退到 /api/gateway/invoke。
工具选择速查表(已验证ID)
图像
- - 快速文本->图像:image.generate.flux-2
- 高级电影级:image.generate.kling-image-v3
- 高级一致性:image.generate.kling-image-o3
- 360/全景:image.generate.nano-banana-pro
- 提示编辑:image.generate.flux-pro-kontext-edit
- 换脸:image.face-swap
- 内绘/外绘:image.inpaint、image.outpaint
- 背景移除/分层:image.extract-layer
- 放大:image.upscale
视频
- - 文本->视频(Veo):video.generate.veo3
- 图像->视频(Veo):video.generate.veo3-image-to-video
- 首尾帧:video.generate.veo3-first-last-frame
- Kling文本:video.generate.kling-3-pro-text、video.generate.kling-3-std-text
- Kling图像:video.generate.kling-3-pro-image、video.generate.kling-3-std-image
- 运动迁移:video.generate.dreamactor-v2
音频/语音/音乐
- - 语音克隆TTS:audio.tts
- TTS质量等级:audio.tts.minimax-hd、audio.tts.minimax-turbo
- 唇形同步:audio.lip-sync
- 转录:audio.transcribe
- 音乐:music.generate
- 音效:audio.sfx
- 音轨分离:audio.stem-separation
3D
- - 图像->3D标准:3d.image-to-3d
- 图像->3D专业版:3d.image-to-3d.hunyuan-pro
- 文本->3D专业版:3d.text-to-3d.hunyuan-pro
- 快速图像->3D:3d.image-to-3d.hunyuan-rapid
- 网格后处理:3d.smart-topology、3d.part-splitter
最小负载模式
文本->图像:
json
{prompt:...}
图像编辑:
json
{prompt:...,image_url:https://...}
文本->视频:
json
{prompt:...,duration:6s}
DreamActor运动迁移:
json
{sourceimageurl:https://...,drivingvideourl:https://...}
语音克隆TTS:
json
{text:...,audio_url:https://...}
3D图像->网格:
json
{imageurl:https://...,outputformat:glb}
队列处理约定
如果 executionMode 为 queue,响应包含任务元数据。使用:
- 1. statusUrl 直到完成/失败。
- 完成后使用 resultUrl。
将队列提交成功视为可计费成功(x402结算/API密钥信用扣除已在服务端处理)。
错误策略
- - 400:模式/输入不匹配。重新获取工具模式并更正字段。
- 402:缺少/无效支付或API密钥信用不足。
- 404:工具/智能体未找到。刷新注册表。
- 503:工具已禁用。选择同一类别中的备用工具。
- 500:使用退避策略重试;然后切换模型/工具。
智能体可靠性规则
- 1. 在规划多步骤流程之前,始终发现实时工具。
- 使用 GET /tools/{toolId} 的精确模式获取必填字段。
- 每次请求保持一个工具调用;在智能体中链式调用。
- 优先使用明确的模型/工具ID,而非自然语言路由假设。
- 重试时,不要重用过期的x402签名。
- 将 /api/gateway/agent/* 视为特权路由,并应用上述强制安全控制。
自我维护
当此文件更新时:
- - 保持ID与 backend/services/toolRegistry.ts 一致。
- 更新 last_synced 和 version。
-
