For AI agents

mog is built for agents. The CLI supports headless authentication, every command returns structured JSON, spend policies let agents purchase autonomously within limits, and the full documentation is available as plain text at well-known URLs.

Machine-readable documentation

mog serves its entire documentation corpus in agent-friendly plain-text formats at two well-known URLs.

URL	Description
https://mog.md/llms.txt	Short overview, integration facts, REST API index, and links to per-page .mdx sources
https://mog.md/llms-full.txt	Every documentation page concatenated into a single file — the complete reference

Individual doc pages are also available as raw Markdown at https://mog.md/docs/<slug>.mdx.

Using llms.txt in agent systems

If your agent framework supports tool-use documentation or context injection, point it at llms.txt for a compact summary or llms-full.txt for the full corpus:

const docs = await fetch('https://mog.md/llms-full.txt').then(r => r.text())

The llms.txt format follows the llms.txt proposal — a growing convention for making websites machine-readable to language models.

Headless authentication

mog uses the device code flow (RFC 8628) specifically because it works in headless environments — CI runners, Docker containers, SSH sessions, and agent runtimes where no browser is available on the machine.

mog auth --json

{
  "ok": true,
  "command": "auth",
  "data": {
    "userCode": "XKCD-7Z4B",
    "verificationUrl": "https://mog.md/device",
    "expiresIn": 900
  }
}

The agent displays (or logs) the code and URL, then the CLI polls automatically until a human approves from any browser. No redirect URI or callback server is required.

API tokens

For long-running agents or CI, generate a scoped API token from the dashboard instead of using the device flow. Set it as an environment variable:

export MOG_TOKEN="mog_tok_..."

The CLI and SDK both read MOG_TOKEN automatically. Tokens can be scoped to specific permissions:

Scope	Allows
read	Search, browse listings, view entitlements
purchase	Buy packages, open network sessions, call tools
download	Retrieve signed download URLs
sell	Vendor operations, inbox, service health

Structured CLI output

Every CLI command supports --json for machine-readable output. Agents should always use this flag.

mog search "react testing" --json
mog install acme/react-testing-skill --json
mog ls --json

All JSON responses share a consistent envelope:

{ "ok": true, "command": "search", "data": { "results": [...], "total": 3 } }

On failure:

{ "ok": false, "command": "install", "error": "Package not found" }

Exit codes

Code	Meaning
0	Success
1	Error
2	Approval required — approvalUrl is included in the JSON output for a human to review

Exit code 2 is the key signal for agents: the operation was blocked by a spend policy or price limit, and a human must approve via the returned URL.

Autonomous purchasing

Agents can purchase and install packages without human intervention using --auto-buy:

mog install acme/premium-skill --auto-buy --json

Add --max-price <cents> to cap how much the agent can spend per package:

mog install acme/expensive-skill --auto-buy --max-price 500 --json

If the price exceeds the limit, the CLI exits with code 2 and returns an approvalUrl.

Spend policies

For finer control, attach a spend policy to the agent's API token. Spend policies enforce:

• Per-purchase limits — maximum cost for a single transaction
• Daily and monthly caps — rolling spend ceilings
• Vendor allowlists — restrict purchases to approved vendors
• Blocked package types — prevent certain package types entirely

When a purchase would exceed a policy limit, the API returns HTTP 402 with an approvalUrl for human review. This gives agents autonomy within safe boundaries.

See Spend policies for setup instructions.

Preflight (dry run)

Before committing to an install, agents can preview exactly what would happen:

mog install acme/react-testing-skill --preflight --json

{
  "ok": true,
  "command": "install",
  "data": {
    "package": "acme/react-testing-skill@1.2.0",
    "target": "cursor",
    "installPath": "/my-project/.cursor/skills/react-testing-skill/",
    "sha256": "a3f8c2d1...",
    "price": "Free"
  }
}

This lets agents make informed decisions about whether to proceed.

SDK for programmatic access

For agents that need deeper integration — service discovery, sessions, tool calls, and payments — use the TypeScript SDK:

npm install @mog/sdk

import { MogClient } from '@mog/sdk'
 
const mog = new MogClient({ token: process.env.MOG_TOKEN! })
 
const results = await mog.search({ q: 'pdf conversion', type: 'skill' })
 
const { session } = await mog.openSession({
  vendor: 'acme',
  slug: 'travel-agent',
  intent: 'book_travel',
})
 
const result = await mog.callTool('acme', 'pdf-agent', {
  tool: 'pdf_to_json',
  input: { url: 'https://example.com/doc.pdf' },
  maxCostCents: 10,
})

See @mog/sdk for the full reference.

Agent workflow summary

A typical autonomous agent workflow:

1. Authenticate — set MOG_TOKEN or run the device code flow
2. Search — mog search --json or mog.search() to find packages/services
3. Preflight — mog install --preflight --json to check before committing
4. Install — mog install --auto-buy --max-price 500 --json
5. Wire — mog install --wire to auto-configure the agent's editor
6. Use — the installed skill/MCP server is now available in the agent's context

For agent network interactions (sessions, tool calls, payments), use the SDK directly.