Build
Developers
Every index365 result has two first-class interfaces: a dashboard your team reads and an agent-readable contract your tools consume. This section covers the agent side: connect your AI agent, then the MCP server, the CLI, the agent skills, and the authenticated REST API. The API is the source of truth; everything else wraps it.
Connect your AI agent
Start here: pick MCP, CLI, or skills, learn the runtime model, and hand the page to your agent.
Authentication
Scoped API keys, the Authorization header, scopes, and the org-isolation model.
MCP server
Give Claude Code, Codex, or Cursor direct access to your audit results over the Model Context Protocol.
CLI
The index365 command line for terminals and CI: start audits, wait, and read findings as JSON.
Agent skills
Nine skills that wrap the CLI so your coding agent can audit and fix in one instruction.
REST API
Start audits, poll runs, and read structured findings over /api/v1. OpenAPI reference included.
Get an API key
- Use any workspace (every plan, including Free), then open your workspace's API Keys page in the dashboard.
- Create a key. Every key carries the full scope set, so an agent can run audits and manage projects out of the box. Keys are org-scoped and revocable instantly, and cannot touch account or billing data.
- Copy the secret at creation, or re-reveal it any time from the dashboard. Keys are stored encrypted (and hashed for lookup); the list view shows a masked prefix and suffix.
Authenticate every request with Authorization: Bearer i365_.... Keys are scoped to your organization, rate limited per key, and every request is logged to an audit trail you can review. See Authentication for the full model.
Connect your coding agent
The fastest path is the MCP server or the CLI, then the agent skills that wrap them. See Connect your AI agent to pick your path, and Agent skills for the one-command install. The flagship index365-audit-and-fix runs an audit, applies the fixes in your repository, and re-runs to confirm the score moved.