Skip to content
Recued
Menu
Community catalog

Marketplace

Inspect what a workflow does, what it installs, and what it can access before bringing it into Recued.

Kind
Tags
Sort

365 packs

Accounting & Bookkeeping - QuickBooks Online

V3 QuickBooks Online capability pack for the SMB-finance wedge. Declares canonical accounting operations over QuickBooks invoices, bills, expenses (Purchase), customer payments, refunds, customers, vendors, chart of accounts (Account), daily bookkeeping views, and financial reports. Reads flow after connection grant; invoice/bill/expense/customer/vendor writes ask + diff; customer-payment, refund, and invoice-void are destructive/always-ask so money movement never rides a session grant. Mirrors the shipped Stripe billing-pack entity_platform pattern. The READ surface is LIVE-VERIFIED against the QuickBooks Online sandbox (2026-06-13): OAuth token exchange, the /query endpoint (base https://quickbooks.api.intuit.com, /v3/company/<realmId>/query?query=<SQL>&minorversion=75 -> QueryResponse.<Entity>[]), single read-by-id (/<entity>/<id> -> {<Entity>}), realmId-in-path + sandbox base, and every read field_path all confirmed against live sandbox data. WRITE ops (create/update/void/payment/refund) are authored to the same documented v3 shapes but were NOT exercised live (non-mutating verification only). This is the QuickBooks catalog + money-write surface ONLY — the two vendor-agnostic accounting workflows (overdue-invoice-chase, accounting-daily-back-office) ship in the vendor-neutral `acct` pack (install it alongside this one for the workflows); their canonical `core.acct.*` read op-steps resolve against THIS vendor's catalog at run (dispatch-time), projecting QuickBooks' raw records to the canonical accounting fields. Canonical accounting op-steps are read-only; money writes ride the gated ingredient binding. See docs/unified-pack-exploration/smb-finance-wedge.spec.md.

pack:accounting-quickbooksaccountingbookkeepingquickbooks
by Recued CoreCertified v1 1 item Pack
Accounting & Bookkeeping - Xero

V3 Xero capability pack for the SMB-finance wedge — the second conformant accounting vendor alongside accounting-quickbooks. Declares the same canonical accounting operations (invoice, bill, expense, payment, refund, customer, vendor, ledger_account) over the Xero Accounting API 2.0 so smb-invoice-finance recipes read AR / AP / cash-in the same way they do on QuickBooks. Adds daily bookkeeping views for open receivables/payables, recent payments/spend, active contacts, catalog/settings lookups, and financial reports without exposing arbitrary where/filter passthrough. Reads flow after connection grant; invoice/bill/expense/customer/vendor writes ask + diff; customer-payment, refund (credit note), and invoice-void are destructive/always-ask so money movement never rides a session grant. Mirrors the shipped Stripe + QuickBooks entity_platform by-value composition pattern. AUTHORED-TO-DOCS, RUNTIME-UNVERIFIED (F4): no live Xero org was available this build. Xero specifics encoded here: base https://api.xero.com/api.xro/2.0, OAuth via login.xero.com + identity.xero.com with offline_access + accounting.transactions/contacts/settings scopes, list responses wrapped under a PascalCase plural key (result_path Invoices/Contacts/Payments/BankTransactions/Accounts), AR vs AP split by Invoice.Type (ACCREC/ACCPAY) and customer vs vendor split by Contact IsCustomer/IsSupplier (Xero unifies both, unlike QuickBooks' separate entities), filtering via the where query param. KNOWN runtime wrinkles to close on a live org (documented, not blockers): (1) every call needs a per-connection Xero-tenant-id header resolved post-OAuth from GET https://api.xero.com/connections — the tenant-header substrate is the slice-5a wiring follow-up (Xero carries the org in a header, not the URL path like QuickBooks' realm); (2) Xero defaults to XML, so calls need Accept: application/json; (3) Xero JSON dates come back in the /Date(ms)/ form, so a date-bearing canonical field needs a parse transform before is_past. This is the Xero catalog + money-write surface ONLY — the two vendor-agnostic accounting workflows (overdue-invoice-chase, accounting-daily-back-office) ship in the vendor-neutral `acct` pack (install it alongside this one for the workflows); their canonical `core.acct.*` read op-steps resolve against THIS vendor's catalog at run (dispatch-time), projecting Xero's raw records to the canonical accounting fields. Canonical accounting op-steps are read-only; money writes ride the gated ingredient binding. See docs/unified-pack-exploration/smb-finance-wedge.spec.md.

pack:accounting-xeroaccountingbookkeepingxero
by Recued CoreCertified v1 1 item Pack
Accounting (any vendor)

The vendor-neutral accounting pack — two cross-vendor money-ops recipes that run against whatever accounting platform you enroll (QuickBooks Online or Xero, or any registered accounting vendor). Every read uses a `core.acct.<entity>.search` kernel op (invoice / payment / customer), so the pack carries no bundled catalog: each op resolves at run against the catalog the bound connection's vendor declares, and projects the canonical accounting fields (balance / due_date / customer_id / email) — never raw vendor records. This is the showcase for the `core.acct.*` canonical convention; the catalog + the money-write surface (invoice/payment/refund creates, always approval-gated) live in the per-vendor capability packs (`accounting-quickbooks` / `accounting-xero`), which you also install to bind a connection. Canonical accounting op-steps are read-only — `overdue-invoice-chase` only sends a reminder email through the gated mail-send kernel ingredient, never moving money. Installs dormant until you pick an enrolled accounting connection for each recipe's `acct` variable (Settings -> the recipe), then runs against the D-165 gateway (operation-level risk / grant / approval + per-call audit).

pack:acctaccountingbookkeepinginvoice
by Recued CoreCertified v1 Pack
Actionlint Pack

V3 deterministic GitHub Actions workflow lint capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local actionlint CLI ingredient exposes bounded project operations for readiness and GitHub Actions workflow lint diagnostics. Lints run from an explicit project directory cwd supplied at execution time, check one trusted local GitHub Actions workflow YAML file, and return JSON diagnostics via the github_actions.workflow_lint catalog operation. Fixed-function and reproducible: no arbitrary actionlint flags, no caller-supplied config path, no shell wrapper, no Docker image, no workflow execution, and no network egress. ShellCheck and Pyflakes integrations are disabled so the pack depends only on actionlint and never spawns secondary linters. Findings are represented as JSON output instead of failing the op; real invocation errors still fail. Requires actionlint on PATH. Local and no-egress.

pack:actionlintactionlintgithub-actionsworkflow
by Recued CoreCertified v1 1 item Pack
Scheduling - Acuity

API capability pack for bounded Acuity Scheduling API v1 operations against https://acuityscheduling.com/api/v1. Enroll an Acuity HTTP Basic Auth connection named acuity using the account's numeric user ID and API key, or an OAuth-backed connection that can call the same API. The pack reads account metadata, appointment types, calendars, clients, intake forms, appointment add-ons, availability dates, availability times, available classes, appointments, and appointment payments for front-desk scheduling, coaching, classes, consultations, and service business workflows. It bundles a scheduled appointment digest, AI-assisted appointment and availability briefs, and approval-gated workflows for creating one appointment, updating whitelisted appointment details, rescheduling one appointment, canceling one appointment, and blocking one calendar time window. The pack intentionally excludes appointment type mutation, calendar mutation, client mutation, form mutation, package or certificate creation, webhook creation or deletion, block deletion, appointment deletion, report exports, OAuth token endpoints, and arbitrary Acuity API passthrough.

pack:acuityacuityschedulingappointments
by Recued CoreCertified v1 9 items Pack
Adobe Sign Agreement Closure Loop

Workflow pack for Recued-sent Adobe Sign agreements. It composes the Adobe Sign capability pack with a closure ledger: create one agreement through the existing Adobe Sign approval gate, persist only the agreement/library-document/workflow linkage in data.shared when the agreement is sent with IN_PROCESS, and let a scheduled watcher re-read that exact agreement until Adobe Sign reports a role-specific completion status such as signed/approved/delivered/accepted/form_filled, or an exception status such as aborted/cancelled/expired/archived. This pack does not duplicate Adobe Sign reminders, participant notifications, expiration settings, webhook administration, agreement status dashboards, cancellation flows, or MegaSign/bulk sends; it adds Recued-visible closure state for agreements Recued sent.

pack:adobe-sign-agreement-closureadobe-signacrobat-signesignature
by Recued CoreCertified v1 3 items Pack
E-Signature - Adobe Acrobat Sign

API capability pack for bounded Adobe Acrobat Sign REST API v6 operations. Enroll an OAuth bearer connection named adobe-sign against the account API access point returned by Adobe's OAuth/base URI flow; the representative NA1 base is https://api.na1.echosign.com/api/rest/v6. The pack reads base URI metadata, current user context, users, groups, agreements, agreement reminders, user notes, library documents, and workflows for contract lifecycle review, onboarding paperwork, renewal tracking, compliance evidence briefs, and template readiness checks. It bundles a scheduled agreement status digest, AI-assisted agreement and library-template briefs, and approval-gated workflows for creating one agreement from existing file/library/workflow references, creating one agreement reminder, updating the caller's agreement note, and canceling one agreement through the state transition endpoint. Writes are limited to one agreement at a time; cancel is irreversible and uses an always-approval destructive gate. The pack intentionally excludes transient document uploads, binary agreement or template downloads, signing URL and authoring view creation, form-field authoring, webhooks, account/group/user administration writes, library document creation or mutation, MegaSign/bulk send execution, OAuth token endpoints, and arbitrary Adobe Sign API passthrough.

pack:adobe-signadobe-signacrobat-signesignature
by Recued CoreCertified v1 8 items Pack
age Encrypt Pack

V3 deterministic file-encryption capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local age CLI encrypts one source file to one recipient via the file.encrypt_age catalog operation. This pack deliberately exposes encrypt-only recipient mode: no decrypt, no identity files, no passphrase prompts, no recipient files, and no arbitrary flags. Fixed-function and reproducible: the executor materializes the source file and owns the throwaway output directory, while age writes a fixed armored encrypted.age result captured as result.file_ref. Requires age on PATH (Debian/Ubuntu: apt install age; macOS: brew install age). Local and no-egress.

pack:ageagecliencrypt
by Recued CoreCertified v1 1 item Pack
Records - Airtable

API capability pack for bounded Airtable operations against https://api.airtable.com only. The pack discovers accessible bases and table schemas, reads base access/collaborator details, reads one bounded page of records, saved-view queues, sorted record queues, one record, record comments, webhook delivery status, and webhook payloads, creates one record, patch-updates one record, and creates or updates one record comment in a selected base/table. Enroll an Airtable personal access token or OAuth access token connection as bearer auth; no credential is embedded in the manifest. Writes are approval-gated. The pack intentionally excludes schema mutations, record/comment deletes, destructive PUT updates, upserts, bulk record writes, attachment upload flows, webhook creation/deletion, notification toggles, automations, admin configuration, and arbitrary fetches.

pack:airtableairtablerecordsdatabase
by Recued CoreCertified v1 1 item Pack
AI Platform - Anthropic

API capability pack for bounded Anthropic Claude REST API operations against https://api.anthropic.com only. Enroll an Anthropic API connection named anthropic that injects the x-api-key header, or an equivalent short-lived bearer credential; no credential is embedded in this manifest. The pack reads model metadata, creates non-streaming Messages API responses, counts message tokens, reads and cancels existing message batches, and reads beta file metadata for model, prompt, evaluation, and AI operations workflows. It bundles a Claude message brief, a token readiness brief, a scheduled model/batch/file operations digest, and an approval-gated workflow for canceling one message batch. Writes are limited to canceling one existing message batch. The pack intentionally excludes streaming, tool definitions, tool-choice controls, server web/search/fetch tools, code execution, MCP connector/tool routing, container/session/managed-agent APIs, message batch creation and deletion, batch result JSONL download, file upload/content download/delete, skills, admin APIs, user-profile headers, arbitrary Anthropic API passthrough, and dynamic outbound callback routing.

pack:anthropicanthropicclaudeai
by Recued CoreCertified v1 5 items Pack
Sales Intelligence - Apollo

API capability pack for bounded Apollo API v1 operations against https://api.apollo.io/api/v1. Enroll an Apollo API bearer connection named apollo with saved contact, account, sequence, task, deal, outreach email, user, email account, list, stage, usage, and no-credit people-search access. The pack reads revenue engagement records for scheduled operations digests, contact engagement briefs, and sequence readiness checks. It bundles approval-gated workflows for creating one account, creating one contact with dedupe enabled, adding contacts to one existing sequence from one email account, creating one follow-up task, and creating one deal. Writes are limited to one account, contact, sequence enrollment request, task, or deal at a time. The pack intentionally excludes credit-consuming enrichment and organization search endpoints, bulk creates or updates, updates, deletes, direct email sends, sequence creation or mutation, call record mutation, contact-stage or owner batch mutation, user invites, webhook administration, OAuth token generation, and arbitrary Apollo API passthrough.

pack:apolloapollorevenuesales-intelligence
by Recued CoreCertified v1 9 items Pack
Asana Task Closure Loop

Workflow pack for Recued-created Asana tasks. It composes the Asana capability pack with a closure ledger: create one owner-approved task in an existing workspace, optionally place it in one project from that workspace, persist only the connection/workspace/project/task linkage in data.shared, and let a scheduled watcher re-read that exact task until Asana reports completion. This pack does not replace Asana My Tasks, project dashboards, sections, dependencies, tags, followers, custom fields, attachments, webhooks, deletion, project placement tooling, or native task completion controls; it adds Recued-visible closure state for Asana tasks Recued created.

pack:asana-task-closureasanatasksprojects
by Recued CoreCertified v1 2 items Pack
Newsletters - Beehiiv

API capability pack for bounded Beehiiv Data API v2 calls against https://api.beehiiv.com/v2 only. Reads publications, posts, aggregate post stats, email blasts, post templates, subscriptions, custom fields, automations, automation journeys, segments, referral milestones, tiers, and webhook metadata for daily newsletter operations. Approval-gates one-subscriber create/update, subscriber tag add, custom-field create/update, and adding one existing or new subscriber to an automation journey. Enroll a Beehiiv API-key or OAuth bearer connection named beehiiv; no credential is embedded in the manifest. The pack intentionally excludes post create/update/delete/send/test, bulk subscription imports or status sweeps, subscription delete, subscriber JWT login tokens, tier mutation, webhook mutation/test, segment create/delete/recalculate, newsletter-list beta APIs, privacy/data-deletion flows, and arbitrary API passthrough.

pack:beehiivbeehiivnewsletteremail
by Recued CoreCertified v1 1 item Pack
Asana Task Comment Closure Loop

Workflow pack for Recued-created Asana task comments. It composes the Asana capability pack with a closure ledger: add one owner-approved comment story to an existing Asana task, persist only the connection/task/story linkage in data.shared, and let a scheduled watcher re-read that exact task until Asana reports it completed. This pack does not replace Asana tasks, native notifications, task completion controls, project dashboards, reminders, webhooks, or general work reporting; it adds Recued-visible closure state for task comments Recued created.

pack:asana-task-comment-closureasanataskscomments
by Recued CoreCertified v1 2 items Pack
Tasks - Asana

API capability pack for bounded Asana task and project-management calls against https://app.asana.com/api/1.0 only. Reads workspaces, users, user task lists, projects, project status updates, sections, tasks, subtasks, and task stories, and supports approval-gated task creation, subtask creation, task updates, completion changes, project placement, and task comments through Asana's documented data-wrapped JSON request bodies. Bundles a scheduled My Tasks digest, an AI-assisted task/project brief, and an approval-gated task intake workflow. This is intended for daily personal, team, and one-person-company work queues: capture tasks, review My Tasks, scan assigned and open project work, inspect status updates, move work into the right section, complete tasks, and leave follow-up comments. Enroll an Asana personal access token or OAuth access token connection as bearer auth; no credential is embedded in the manifest. The pack intentionally excludes deletes, project/section/user/admin mutation, custom-field mutation, dependencies, followers, tags, attachments, portfolio/goals APIs, webhooks, exports, and arbitrary API passthrough.

pack:asanaasanatasksprojects
by Recued CoreCertified v1 4 items Pack
Voice Intelligence - AssemblyAI

API capability pack for bounded AssemblyAI REST API operations against https://api.assemblyai.com only. Enroll an AssemblyAI API key connection named assemblyai that injects the Authorization header; no credential is embedded in this manifest. The pack lists transcript jobs, creates one pre-recorded transcript job for an explicit media audio_url, reads transcript status and results, exports sentences and paragraphs, searches transcript words, exports subtitles, and retrieves redacted-audio metadata for meeting notes, call analytics, media intelligence, podcast review, accessibility, and RAG preparation. Writes are limited to submitting one transcription job and require approval. The pack intentionally excludes binary upload, transcript deletion, webhooks and callback URLs, streaming WebSocket APIs, streaming-token generation, voice-agent APIs, agent/webhook management, separate LLM Gateway host calls, EU-region host switching, arbitrary AssemblyAI API passthrough, dynamic outbound callbacks, and any operation outside api.assemblyai.com.

pack:assemblyaiassemblyaivoice-aispeech-to-text
by Recued CoreCertified v1 5 items Pack
Relationship CRM - Attio

API capability pack for bounded Attio REST API v2 operations against https://api.attio.com. Enroll an OAuth bearer or API-token bearer connection named attio with object, record, list, list-entry, task, note, and workspace-member access. The pack reads workspace metadata, objects, members, people, companies, deals, lists, list entries, record entries, notes, and tasks for daily relationship operations, record activity briefs, and list pipeline readiness checks. It bundles approval-gated workflows for creating one person, one company, one deal, one list entry, one note, or one follow-up task at a time. The pack intentionally excludes record updates, upserts, deletes, SQL query, object or attribute schema mutation, task completion updates, note deletion, list mutation, file upload/download/delete, comments, threads, meetings, call recordings, transcripts, webhooks, SCIM administration, OAuth token exchange, and arbitrary Attio API passthrough.

pack:attioattiocrmrelationship
by Recued CoreCertified v1 10 items Pack
Identity Access - Auth0

API capability pack for bounded Auth0 Management API v2 operations. Enroll an auth0 API connection with base_url set to the tenant Management API root, for example https://example.auth0.com/api/v2, and authenticate with a Management API bearer token scoped to the installed operations. The pack reads users, user roles, user permissions, user organizations, tenants roles, clients, organizations, organization members, and logs for access governance, account triage, and identity incident review. It bundles a scheduled access hygiene digest, an AI-assisted user access brief, and approval-gated workflows for blocking/unblocking one user and assigning/removing roles for one user. The pack intentionally excludes user creation, deletion, password changes, MFA/enrollment/recovery flows, refresh-token/session revocation, connection/client/organization/role creation or deletion, resource-server and tenant mutation, domain/email-template/branding/actions/rules/jobs/key/secret administration, log export, Guardian/attack-protection mutation, and arbitrary API passthrough.

pack:auth0auth0identityaccess-governance
by Recued CoreCertified v1 7 items Pack
Azure DevOps Pull Request Comment Closure Loop

Workflow pack for Recued-created Azure DevOps pull request comments. It composes the Azure DevOps capability pack with a closure ledger: add one owner-approved top-level thread comment to an existing Azure DevOps pull request, persist only the connection/organization/project/repository/pull-request/thread linkage in data.shared, and let a scheduled watcher re-read that exact pull request until Azure DevOps reports it completed or abandoned. This pack does not replace Azure DevOps pull request comments, native notifications, review approvals, completion or abandon controls, branch policies, builds, service hooks, or general code review reporting; it adds Recued-visible closure state for pull request comments Recued created.

pack:azure-devops-pull-request-comment-closureazure-devopspull-requestscomments
by Recued CoreCertified v1 2 items Pack
Azure DevOps Work Item Comment Closure Loop

Workflow pack for Recued-created Azure DevOps work item comments. It composes the Azure DevOps capability pack with a closure ledger: add one owner-approved comment to an existing work item, persist only the connection/organization/project/work-item/comment linkage in data.shared, and let a scheduled watcher re-read that exact work item until Azure DevOps reports a configured terminal state such as done, closed, removed, or completed. This pack does not replace Azure DevOps work item comments, native notifications, state transitions, assignments, boards, queries, service hooks, or general work-item reporting; it adds Recued-visible closure state for work item comments Recued created.

pack:azure-devops-work-item-comment-closureazure-devopswork-itemscomments
by Recued CoreCertified v1 2 items Pack
Code Projects - Azure DevOps

API capability pack for bounded Azure DevOps Services REST API operations against https://dev.azure.com only. Reads projects, repositories, commits, pull requests, pull request threads, builds, WIQL work item queries, work items, and work item comments, and supports approval-gated pull request thread comments and work item comments. Bundles a scheduled project triage digest, an AI-assisted pull request review brief, an approval-gated pull request comment workflow, and an approval-gated work item comment workflow. Enroll an Azure DevOps OAuth or PAT-backed connection named azure-devops with the narrowest scopes needed for the installed operations. The pack intentionally excludes repository or branch mutation, file writes, pull request completion/abandon/vote/reviewer mutation, work item creation/update/delete, build queue/cancel, release/deployment APIs, service hooks, variable groups, permissions/admin APIs, test plans, and arbitrary API passthrough.

pack:azure-devopsazure-devopsprojectsrepositories
by Recued CoreCertified v1 5 items Pack
HRIS - BambooHR

API capability pack for bounded BambooHR v1 operations against a customer subdomain such as https://companySubDomain.bamboohr.com/api/v1. Enroll a BambooHR API key Basic Auth connection or OAuth bearer connection named bamboohr with employee, field, report, and time-off access. The pack reads employee directory records, employee detail fields, employee table rows, custom reports, field metadata, time-off types, time-off policies, who's-out coverage, and time-off requests for people operations digests, employee record briefs, onboarding checks, manager handoffs, and absence coverage review. It bundles a scheduled people-operations digest, AI-assisted employee and time-off coverage briefs, and approval-gated workflows for creating one employee profile and creating one non-superseding time-off request. Writes are limited to one employee or time-off request at a time. The pack intentionally excludes employee updates, table row mutation, file/photo upload or download, dependent/benefit/payroll mutation, time-off approvals/denials/history overrides/policy assignment, previous-request supersede, webhook administration, OAuth token generation, report definition mutation, and arbitrary BambooHR API passthrough.

pack:bamboohrbamboohrhrispeople-ops
by Recued CoreCertified v1 6 items Pack
Bandit Pack

V3 Python security-lint capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local bandit CLI ingredient exposes bounded project operations for readiness and Python security linting. Scans run from an explicit project directory cwd supplied at execution time, inspect one trusted Python file or directory for common security issues, and return JSON findings via the python.security_lint catalog operation. Fixed-function and reproducible: recursive scan, JSON output, low severity/confidence threshold, no caller-supplied config/profile/test/skip list, no baseline comparison, no output-file write, no stdin, no custom formatter/template, no shell wrapper, and no network egress. Findings are represented as successful JSON output; real invocation failures still fail. Requires bandit on PATH. Local and no-egress.

pack:banditbanditpythonsecurity
by Recued CoreCertified v1 1 item Pack
Windows Defender Scan (inbound files)

Auto-scan every inbound file for malware with Windows Defender — the Defender sibling of clamav-scan, for a Windows-hosted recued server. Installs one reactive recipe that fires on data.file.received.*.created (an inbound reception drop, messenger media, or mail attachment), runs the Defender pack's file.scan over the bytes, and writes the verdict (clean / flagged) back to the record's scan_status. This sharpens the reception attachment scan-gate (D-173 P5): a flagged upload surfaces a stronger warning when the reviewer approves the held request, while a clean one clears the advisory. Depends on the Windows Defender capability pack (defender-pack), which carries the cli scan op and the MpCmdRun / elevation / Windows-only setup docs; install both on a Windows server running elevated. An MpCmdRun exit-2 result (a threat, or a scan error such as a non-elevated run) is conservatively flagged for review (fail-safe — no malware passes); a launch failure, timeout, or any other exit code leaves scan_status untouched (unscanned, the advisory gate still warns) rather than flagged. After install, the default dish runs on every inbound file; no per-file configuration. Install EITHER this or clamav-scan for your platform — not both.

pack:defender-scanwindows-defenderdefenderscan
by Recued CoreCertified v1 1 item Pack
Commerce - BigCommerce

API capability pack for bounded BigCommerce Store Management API operations. The default egress base is https://api.bigcommerce.com/stores/example; enroll a bigcommerce API connection with base_url set to the actual store root, for example https://api.bigcommerce.com/stores/{store_hash}, and header auth injecting X-Auth-Token. Reads store metadata, catalog summary, products, variants, categories, brands, orders, order statuses, order line items, shipments, coupons, messages, customers, channels, and price lists. Bundles a scheduled store operations digest, an AI-assisted order/customer brief, and approval-gated product listing and order status workflows. Writes are approval-gated and limited to one product listing update, one variant price/inventory update, or one order status update at a time. The pack intentionally excludes destructive deletes, batch endpoints, refunds, payment capture, order creation, shipment mutation, tax/shipping/payment settings, webhooks, scripts, checkout/cart mutation, customer password or stored-payment operations, arbitrary API passthrough, and credential-bearing fields in operation arguments.

pack:bigcommercebigcommercecommerceecommerce
by Recued CoreCertified v1 5 items Pack
Billing Back Office Workflows - Stripe

One-person-company billing workflow pack over the Stripe capability pack. It installs operating views for daily billing review, invoice recovery exceptions, payment exceptions, and customer cleanup, plus owner-approved recovery-exception email actions that seed the shared reply watcher so customer responses re-enter the daily work loop. Stripe native reminders, failed-payment emails, Smart Retries, and Billing Automations own routine recovery; Stripe invoice sends, refunds, voids, cancellations, and payouts stay in the Stripe capability pack's approval-gated operations.

pack:billing-back-office-workflowssoloone-person-companycold-start
by Recued CoreCertified v1 11 items Pack
Biome Pack

V3 JavaScript/TypeScript web-code quality capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local biome CLI ingredient exposes bounded project operations for readiness and formatter/linter/import-sorting diagnostics. Quality checks run from an explicit project directory cwd supplied at execution time, accept one trusted file or directory target, return JSON diagnostics, avoid caller-supplied Biome flags, avoid shell wrappers, and never write files. Fixed-function and reproducible: CI check mode only, JSON reporter, colors disabled, diagnostics capped, no write/fix/unsafe mode, no init/migrate/upgrade/search/LSP/daemon command, no stdin, no caller-supplied config path, no reporter file, no staged/changed/VCS selector, no watch mode, no environment override, no arbitrary command execution, and no network egress. Requires biome on PATH. Local and no-egress.

pack:biomebiomejavascripttypescript
by Recued CoreCertified v1 1 item Pack
Bitbucket Pull Request Comment Closure Loop

Workflow pack for Recued-created Bitbucket pull request comments. It composes the Bitbucket capability pack with a closure ledger: add one owner-approved top-level comment to an existing Bitbucket pull request, persist only the connection/workspace/repository/pull-request/comment linkage in data.shared, and let a scheduled watcher re-read that exact pull request until Bitbucket reports it merged, declined, or superseded. This pack does not replace Bitbucket pull request comments, native notifications, review approvals, merge or decline controls, branch policies, pipelines, webhooks, or general code review reporting; it adds Recued-visible closure state for pull request comments Recued created.

pack:bitbucket-pull-request-comment-closurebitbucketpull-requestscomments
by Recued CoreCertified v1 2 items Pack
Code Projects - Bitbucket

API capability pack for bounded Bitbucket Cloud REST API 2.0 operations against https://api.bitbucket.org/2.0 only. Reads current user, workspaces, repositories, commits, pull requests, pull request comments, pull request commit statuses, issues, and pipelines, and supports approval-gated pull request comments and issue creation. Bundles a scheduled repository triage digest, an AI-assisted pull request review brief, an approval-gated issue intake workflow, and an approval-gated pull request comment workflow. Enroll a Bitbucket OAuth or API-token connection named bitbucket with the narrowest scopes needed for the installed operations. The pack intentionally excludes repository create/update/delete, branch restrictions, default reviewer mutation, pull request merge/decline/approve/request-changes, comment edit/delete/resolve, issue update/delete, pipeline runs/stops/configuration, variables, runners, SSH keys, downloads, webhooks, admin APIs, and arbitrary API passthrough.

pack:bitbucketbitbucketrepositoriespull-requests
by Recued CoreCertified v1 5 items Pack
Black Pack

V3 Python Black format-check capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local black CLI ingredient exposes bounded project operations for readiness and format-check diagnostics. Format checks inspect one trusted Python file or directory from one explicit project directory cwd and return Black text/diff diagnostics via the python.black_format_check catalog operation. Fixed-function and non-writing: check mode, diff output, no color, no cache reads or writes, no stdin, code string, line-range selector, target-version override, config path override, include/exclude override, worker override, preview/unstable style, required-version override, arbitrary flags, environment override, or shell wrapper. Would-reformat results are represented as successful text diagnostics; internal Black errors still fail. Requires black on PATH.

pack:blackblackpythonformat
by Recued CoreCertified v1 1 item Pack
Files - Box

API capability pack for bounded Box metadata operations against https://api.box.com/2.0 only. Reads the current user, file and folder metadata, folder items, recent items, file versions, file comments, review tasks, task assignments, and content metadata search results. Supports approval-gated daily organization and review actions: create folders, rename or move files/folders, copy files/folders, create/update comments, create/update file review tasks, and assign/update task assignments. File upload/download, delete/trash, restore, shared-link management, locks, permissions, tags, folder upload email, collaboration management, comment removal, task removal, task unassignment, and arbitrary passthrough are intentionally not exposed in this metadata pack. Enroll a Box OAuth access token connection as bearer auth; no credential is embedded in the manifest.

pack:boxboxfilesfolders
by Recued CoreCertified v1 1 item Pack
Search Intelligence - Brave Search

API capability pack for bounded Brave Search API operations against https://api.search.brave.com/res/v1 only. Enroll a Brave Search API subscription-token connection named brave-search that injects the X-Subscription-Token header; no credential is embedded in this manifest. The pack reads web search, LLM context, news, image, and video search results for privacy-first research, source discovery, market monitoring, and RAG grounding workflows. It bundles a web research brief, a news monitor brief, and a media discovery brief. The pack intentionally excludes POST variants, Answers API, rich-search callback flows, local POI detail endpoints, Goggles definitions, autosuggest, spellcheck-only calls, arbitrary Brave API passthrough, dynamic callback URLs, and any operation outside api.search.brave.com/res/v1.

pack:brave-searchbrave-searchsearchweb-search
by Recued CoreCertified v1 4 items Pack
Email Marketing - Brevo

API capability pack for bounded Brevo API v3 operations against https://api.brevo.com only. Reads account metadata, contacts, contact attributes, folders, lists, campaigns, campaign share and A/B-test data, transactional templates, transactional email history, transactional reports, email events, and blocked transactional contacts; can create/update one contact, create/update one folder or list, add/remove explicit emails from a list, send/test one campaign or transactional template/email, update one campaign status, and unblock one transactional contact. Enroll a Brevo API-key connection as header auth using api-key; no credential is embedded in the manifest. Writes are approval-gated. The pack intentionally excludes contact deletion, list/folder deletion, all-contact list removal, bulk imports/exports, campaign creation/content editing/deletion, template create/update/delete, SMS/WhatsApp sends, webhook management, custom objects, loyalty, conversations, eCommerce, and arbitrary API passthrough.

pack:brevobrevoemailmarketing
by Recued CoreCertified v1 1 item Pack
Brotli Pack

V3 deterministic Brotli compression capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local brotli CLI ingredient exposes readiness, best/default compression, fast compression, decompression, and compressed-stream integrity testing. Fixed-function and reproducible: the executor materializes source files and owns the throwaway output directory, while brotli writes fixed output files that are captured as result.file_ref. Write-tier operations write only to an engine-managed output dir, read-tier testing returns only exit status, and recipes cannot pass arbitrary flags, dictionaries, comments, large-window modes, source-removal flags, shell wrappers, or caller-controlled output paths. Requires the brotli binary on PATH (Debian/Ubuntu: apt install brotli; macOS: brew install brotli). Local and no-egress.

pack:brotlibrotliclicompression
by Recued CoreCertified v1 1 item Pack
Browser Automation Cloud - Browserbase

API capability pack for bounded Browserbase REST API operations against https://api.browserbase.com/v1 only. Enroll a Browserbase API-key connection named browserbase that injects the X-BB-API-Key header; no credential is embedded in this manifest. The pack creates and releases Browserbase browser sessions, reads session status, live inspector URLs, logs, recordings, projects, project usage, and context metadata, and creates context upload slots for browser automation launch, debugging, usage monitoring, and reusable browser-environment setup. Session and context creation are write-tier operations that consume Browserbase capacity and require approval. The pack intentionally excludes arbitrary browser-control traffic, Playwright/CDP/WebDriver command execution, session uploads, downloads, extensions, certificates, search/fetch/functions/agents APIs, external proxy configuration and proxy credentials, dynamic callbacks, delete-context operations, custom host switching, and arbitrary Browserbase API passthrough.

pack:browserbasebrowserbasebrowser-automationheadless-browser
by Recued CoreCertified v1 5 items Pack
Social Publishing - Buffer

API capability pack for bounded Buffer GraphQL operations against https://api.buffer.com only. Reads the authenticated account, organizations, connected social channels, scheduled/sent/error posts, daily posting limits, aggregate post metrics, idea groups, and content ideas. Bundles a scheduled channel/posts digest, an AI-assisted content calendar brief, and approval-gated workflows for creating one scheduled post or one idea. Enroll a Buffer API key or OAuth access token connection as bearer auth; no credential is embedded in the manifest. Writes are approval-gated and limited to create/edit one post or create one idea. The pack intentionally excludes post deletion, queue reordering, arbitrary GraphQL passthrough, channel/account mutation, team/admin management, OAuth app management, uploads beyond documented remote asset inputs, and unsupported social-network-specific automation.

pack:bufferbuffersocial-mediapublishing
by Recued CoreCertified v1 5 items Pack
Bun Pack

V3 Bun JavaScript/TypeScript toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local bun CLI ingredient exposes bounded project operations for readiness, lockfile freshness checks, installed dependency inspection, dependency vulnerability audit, package publish dry-run inspection, and targeted Bun test execution. Project operations run from an explicit project directory cwd supplied at execution time through the native cli_invocation cwd field, avoid caller-supplied bun flags, avoid shell wrappers, and keep diagnostics visible as text or JSON output. Lock checks use frozen-lockfile dry-run mode and skip lifecycle scripts. Dependency audit is approval-gated because installed package names and versions are sent to npm. Test execution is approval-gated because Bun tests execute project JavaScript and TypeScript. Requires bun on PATH.

pack:bunbunjavascripttypescript
by Recued CoreCertified v1 1 item Pack
Scheduling - Cal.com

API capability pack for bounded Cal.com API v2 operations against https://api.cal.com only. Reads the enrolled profile, bookings, booking attendees and calendar links, event types, schedules, connected calendars, calendar events, conferencing apps, and available slots. Adds approval-gated booking lifecycle actions for daily scheduling work: create one booking, reschedule one booking, request attendee rescheduling, cancel one booking, and mark attendance absence. Enroll a Cal.com API key, managed-user access token, or OAuth access token connection as bearer auth; no credential is embedded in the manifest. The pack intentionally excludes confirm/decline/reassign endpoints, availability-bypass flags, calendar mutation endpoints, event-type/admin writes, Stripe endpoints, webhook mutations, and platform/OAuth-client header-auth endpoints.

pack:calcomcalcomschedulingcalendar
by Recued CoreCertified v1 1 item Pack
Scheduling - Calendly

API capability pack for bounded Calendly scheduling operations against https://api.calendly.com only. Lists the current user, organization memberships, groups, event types, available and busy times, availability schedules, scheduled events, and invitees; retrieves scheduling resources and invitee no-show records; and can approval-gate creating single-use scheduling links, booking an invitee through the Scheduling API, marking an invitee no-show, and canceling a scheduled event. Enroll a Calendly personal access token or OAuth access token connection as bearer auth; no credential is embedded in the manifest. Organization invitations/removals, webhook management, data-compliance deletion, event-type mutation, availability mutation, no-show deletion, and arbitrary API passthrough are intentionally not exposed.

pack:calendlycalendlyschedulingcalendar
by Recued CoreCertified v1 1 item Pack
Canva Comment Reply Closure Loop

Workflow pack for Recued-sent Canva comment replies. It composes the Canva capability pack with a closure ledger: reply once to an existing Canva preview comment thread through the existing approval gate, persist only the connection/design/thread/reply linkage in data.shared, and let a scheduled watcher re-read that exact thread until Canva reports it resolved. This pack does not replace Canva comments, native notifications, comment resolution, design review dashboards, webhook administration, or general design status reporting; it adds Recued-visible closure state for comment replies Recued sent.

pack:canva-comment-reply-closurecanvacommentscollaboration
by Recued CoreCertified v1 2 items Pack
Design Collaboration - Canva

API capability pack for bounded Canva Connect API operations against https://api.canva.com/rest. Enroll a Canva OAuth bearer connection named canva with least-privilege Connect API scopes for the installed operations. The pack reads user profile and capabilities, designs, design pages, export formats, export jobs, folders, folder items, assets, brand templates, brand template datasets, and comment threads/replies for creative operations, campaign review, and design handoff workflows. It bundles a scheduled design operations digest, an AI-assisted design brief, and approval-gated workflows for creating a simple design, starting an export job, replying to a comment thread, and updating asset metadata. Canva marks design pages and comments as preview APIs; the pack exposes them only as explicit read/reply workflows and calls that out in descriptions. The pack intentionally excludes deletes, asset binary uploads/downloads, print-partner APIs, design imports, autofill/merge/resize jobs, folder create/update/move, webhooks, analytics, OAuth token exchange/revoke/introspection, AI credit operations, arbitrary design editing, and arbitrary Canva API passthrough.

pack:canvacanvadesigncreative-ops
by Recued CoreCertified v1 7 items Pack
Cargo Pack

V3 Rust Cargo toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local cargo CLI ingredient exposes bounded project operations for readiness, compile checking, test execution, and Clippy diagnostics. Project operations run from an explicit project directory cwd supplied at execution time, use locked dependency resolution, avoid caller-supplied Cargo flags, avoid shell wrappers, and keep diagnostics visible as text or JSONL output. Compile, test, and lint operations are approval-gated because Cargo may compile project code, execute build scripts and proc macros, invoke toolchain helpers, run tests, and write target cache state. Requires cargo on PATH; Clippy operation also requires the clippy component.

pack:cargocargorustclippy
by Recued CoreCertified v1 1 item Pack
Subscription Revenue - Chargebee

API capability pack for bounded Chargebee API v2 Product Catalog 2.0 operations. Enroll a Chargebee HTTP Basic Auth API-key connection named chargebee with base_url set to the tenant API root, for example https://demo.chargebee.com/api/v2 or https://demo-test.chargebee.com/api/v2; the manifest default uses that documented example host but dispatch uses the enrolled connection's base_url. The pack reads customers, subscriptions, invoices, items, item prices, coupons, events, and hosted pages, and supports approval-gated creation of one customer, one item, one item price, or one hosted checkout page at a time using Chargebee's documented form-encoded request bodies. It bundles a scheduled revenue operations digest, customer revenue brief, catalog readiness brief, and guarded creation workflows. The pack intentionally excludes payment-source mutation, card/bank details, refunds, invoice collection/void/write-off, subscription update/cancel/pause/resume/delete, coupon mutation, event/webhook mutation, site/admin settings, exports, custom fields discovery, and arbitrary Chargebee API passthrough. No credential is embedded in the manifest.

pack:chargebeechargebeebillingsubscriptions
by Recued CoreCertified v1 7 items Pack
CI/CD - CircleCI

API capability pack for bounded CircleCI API v2 operations against https://circleci.com/api/v2 only. Reads the current user, collaborations, projects, pipelines, pipeline configs and values, pipeline definitions, triggers, schedules, workflows, workflow jobs, and job metadata, and supports approval-gated pipeline runs, workflow reruns/cancels, approval-job approvals, and job cancels. Bundles a scheduled project pipeline health digest, an AI-assisted workflow failure brief, and approval-gated pipeline run, workflow rerun, workflow cancel, and hold-job approval workflows. Enroll a CircleCI header-auth connection named circleci that injects the Circle-Token header using a personal API token. The pack intentionally excludes project creation/deletion, checkout key management, environment variable reads or mutation, context mutation, policy bundle mutation, outbound webhook mutation, trigger/schedule mutation, pipeline definition mutation, rollback, OIDC claims, org administration, orb allow-list mutation, user/group administration, SSH reruns by default, and arbitrary API passthrough.

pack:circlecicirclecici-cdpipelines
by Recued CoreCertified v1 7 items Pack
ClamAV Pack

Local malware-scan capability pack. By-value cli connector composition (service_kind=cli): the ClamAV daemon client `clamdscan` scanning a data.file.received record's bytes, via the file.scan catalog operation. The file_ref's bytes are materialized to an engine-managed throwaway temp file, scanned by the local clamd, and the temp file removed in a finally (input_materialize) — no bytes ever flow through op-step values, and no content leaves the machine. The op returns the scanner EXIT CODE only (0 = clean, 1 = infected, 2+ = scan error → the executor rejects and the verdict is left unwritten); the verdict is read from the exit code, never stdout. read-tier / approval=never so a reactive scan runs unattended; the op is cli-kind so it is NEVER an MCP/door tool — only a recipe can invoke it, and only over warehouse file_refs (never an arbitrary host path). PREREQUISITE: install ClamAV and run the clamd daemon — macOS: `brew install clamav` then `freshclam` + run `clamd`; Debian/Ubuntu: `apt install clamav-daemon clamav-freshclam` then `systemctl start clamav-daemon`; Windows: install ClamAV and run the ClamD service. `--fdpass` passes the file descriptor to clamd so it can read the engine temp file even when clamd runs as a different user (Unix socket); a TCP clamd needs read access to the temp dir instead. Drives the ClamAV Scan workflow pack (clamav-scan), which auto-scans every inbound reception drop. A zero-install Windows-Defender variant (`MpCmdRun.exe -Scan -ScanType 3 -File {target} -DisableRemediation`) can be authored the same way (a cli ingredient + a file.scan op with success_codes [0,2]).

pack:clamavclamavclisecurity
by Recued CoreCertified v1 1 item Pack
ClamAV Scan (inbound files)

Auto-scan every inbound file for malware. Installs one reactive recipe that fires on data.file.received.*.created — an inbound reception drop, messenger media, or mail attachment — runs the ClamAV pack's file.scan over the bytes, and writes the verdict (clean / flagged) back to the record's scan_status. This sharpens the reception attachment scan-gate (D-173 P5): a flagged upload surfaces a stronger warning when the reviewer approves the held request, while a clean one clears the advisory. Depends on the ClamAV capability pack (clamav-pack), which carries the cli scan op and the clamd setup docs; install both and run a local clamd. A scan error (clamd down) leaves the file unscanned and the advisory gate still warns — nothing is silently approved. After install, the default dish runs on every inbound file; no per-file configuration.

pack:clamav-scanclamavscansecurity
by Recued CoreCertified v1 1 item Pack
Clerk Pack

API capability pack for bounded Clerk Backend API operations against https://api.clerk.com/v1 only. Enroll a Clerk secret-key bearer connection named clerk with the narrowest user, session, organization, invitation, role, permission, and domain scopes needed for the installed workflows; no credential is embedded in this manifest. The pack reads users, user counts, sessions, organizations, organization memberships, organization invitations, organization domains, organization roles, organization permissions, instance invitations, and instance domains for SaaS access governance, customer onboarding, B2B organization operations, and support review. It bundles scheduled access hygiene, AI-assisted user access review, approval-gated organization invitation, and approval-gated user ban/unban workflows. Writes are limited to one organization, one organization invitation, one organization membership role change, or one user ban/unban at a time. The pack intentionally excludes user create/update/password/MFA mutation, token creation, OAuth access token fetches, testing tokens, session creation/revocation/refresh, invitation revoke, deletes, bulk endpoints, domain mutation, role/permission administration writes, webhook administration, billing credit adjustments, OAuth token exchange, and arbitrary Clerk API passthrough.

pack:clerkclerkidentityaccess-governance
by Recued CoreCertified v1 6 items Pack
ClickUp Task Closure Loop

Workflow pack for Recued-created ClickUp tasks. It composes the ClickUp capability pack with a closure ledger: create one owner-approved task in one live ClickUp List, persist only the connection/list/task linkage in data.shared, and let a scheduled watcher re-read that exact task until ClickUp reports a configured terminal status such as complete, completed, closed, or done. This pack does not replace ClickUp statuses, status workflows, task close controls, dashboards, reminders, automations, webhooks, custom fields, assignments, tags, dependencies, checklists, time tracking, or general project reporting; it adds Recued-visible closure state for ClickUp tasks Recued created.

pack:clickup-task-closureclickuptasksprojects
by Recued CoreCertified v1 2 items Pack
ClickUp Task Comment Closure Loop

Workflow pack for Recued-created ClickUp task comments. It composes the ClickUp capability pack with a closure ledger: add one owner-approved comment to an existing ClickUp task, persist only the connection/task/comment linkage in data.shared, and let a scheduled watcher re-read that exact task until ClickUp reports a configured terminal status such as complete, completed, closed, or done. This pack does not replace ClickUp task comments, native notifications, status workflows, task close controls, dashboards, reminders, automations, webhooks, or general project reporting; it adds Recued-visible closure state for task comments Recued created.

pack:clickup-task-comment-closureclickuptaskscomments
by Recued CoreCertified v1 2 items Pack
Work Management - ClickUp

API capability pack for bounded ClickUp Public API v2 and v3 operations against https://api.clickup.com only. Reads the current user, workspaces, spaces, folders, lists, members, tasks, comments, checklists, tags, custom fields, time entries, goals, Docs, pages, attachments, groups, and webhooks for practical daily work management. Bundles a scheduled workspace task digest, a read-only task review brief, and an approval-gated task intake workflow. Writes are approval-gated and limited to creating or updating one space, folder, list, task, comment, checklist item, tag, time entry, goal, key result, Doc page, or webhook at a time. Enroll a ClickUp connection that injects the documented Authorization header using a personal token or OAuth access token; no credential is embedded in this manifest. The pack intentionally excludes OAuth token exchange, user and guest invites/removals, ACL/privacy edits, audit log queries, arbitrary API passthrough, admin configuration, file upload multipart bodies, legacy time-tracking endpoints, channel/DM management, and bulk imports or destructive bulk actions.

pack:clickupclickupwork-managementtasks
by Recued CoreCertified v1 4 items Pack
Revenue CRM - Close

API capability pack for bounded Close REST API v1 operations against https://api.close.com/api/v1 only. Enroll a Close API connection named close that injects HTTP Basic authentication using the Close API key as the username and an empty password; no credential is embedded in this manifest. The pack reads leads, contacts, opportunities, tasks, notes, pipelines, lead statuses, opportunity statuses, users, and organizations for revenue operations, lead triage, pipeline review, and activity briefing. It supports approval-gated single-record creation and updates for leads, contacts, opportunities, lead tasks, and notes. The pack intentionally excludes deletes, lead merge, bulk task updates, exports, reports, webhook administration, custom-field administration, file upload/download, attachments on notes, email/SMS/call activity creation or sending, sequence/cadence automation, OAuth token generation, custom host switching, and arbitrary Close API passthrough.

pack:closeclosecrmsales
by Recued CoreCertified v1 6 items Pack
Infrastructure Inventory - Cloudflare

API capability pack for bounded Cloudflare REST operations against https://api.cloudflare.com/client/v4. Enroll a cloudflare API connection as a bearer-token connection backed by a scoped Cloudflare API token; no credential is embedded in the manifest. The pack verifies the token; reads accounts, zones, DNS records, Pages projects/deployments/domains, Worker script/deployment/route metadata, R2 buckets/object metadata, KV namespaces/key names, D1 database metadata, Queue inventory/metrics, and account audit logs; and supports approval-gated daily operations for creating/updating simple DNS records and purging specific cached URLs. It intentionally does not expose DNS record deletion, purge-everything, purge by tag/host/prefix, zone/account edits, Worker uploads or script content download, Pages deploy/retry/rollback actions, R2 object download/delete/upload, KV value reads/writes, D1 query/export/import, Queue message pull/send/purge, ruleset writes, token management, or arbitrary API passthrough.

pack:cloudflarecloudflareinfrastructuredns
by Recued CoreCertified v1 1 item Pack
Cloudflared Pack

V3 Cloudflare Tunnel capability pack. The callable surface is a by-value cli composition, not a service ingredient: recipes launch `cloudflared tunnel run <tunnel_name>` as a Recued-managed detached job and reconcile marker/log/pid evidence from the declared result directory. Two postures for the long-running tunnel: enroll it from pack-detail as a supervised daemon (the op declares supervision — restart-on-crash + re-launch-on-server-start), or launch it fire-and-forget from a recipe as a D-179 user-space job that records marker/log/pid evidence, with silent death detected by downstream sweeper recipes through missing or non-zero marker evidence. Requires the cloudflared binary on PATH and a pre-created tunnel.

pack:cloudflaredcloudflaredcloudflaretunnel
by Recued CoreCertified v1 1 item Pack
Workspace - Coda

API capability pack for bounded Coda API v1 operations against https://coda.io/apis/v1 only. Enroll a Coda API token connection that injects the documented Authorization bearer header; no credential is embedded in this manifest. The pack reads token identity, docs, pages, tables, columns, rows, formulas, controls, and mutation status, and it exposes Coda's documented limit and pageToken list parameters for manual pagination. It creates or updates one doc, page, or table row at a time through approval-gated operations, with recipes for doc structure review, table row review, row upsert intake, and page intake. Writes are limited to doc create/update, page create/update, and row insert/upsert/update. The pack intentionally excludes deletes, sharing and ACL changes, publishing controls, page content export/download links, webhooks, packs/admin APIs, arbitrary API passthrough, and bulk destructive actions.

pack:codacodaworkspacedocs
by Recued CoreCertified v1 5 items Pack
Codex Issue Pipeline

V3 workflow-pack example for a one-person company running Codex over GitHub issues. This pack is deliberately not the golden capability-pack standard: GitHub Pack and Codex Pack are the v3 gold examples. The pipeline depends on those capability packs, then installs four workflow recipes over warehouse state. Stage 1 reads open issues through the GitHub pack's issue.search catalog operation and launches one detached Codex run per new issue through the Codex pack's codex.review CLI operation (write-tier, approval-gated). Stage 2 sweeps marker-file evidence (<key>.exit.<code>) into queue outcomes. Stages 3 and 4 notify and finalize success/failure rows. Install once; create one stage-1 dish per repository, one sweeper dish, and one success/failure handler dish. Setup: install github-pack and codex-pack, bind a GitHub api connection, bind notification email, register the result directory as a file slug, and grant the Codex 'Run Codex on local repositories' operation group.

pack:codex-issue-pipelinecodexgithubpipeline
by Recued CoreCertified v1 4 items Pack
Codex Pack

V3 single-file Codex pack standard. The callable surface is a by-value connector composition with service_kind=cli, not a single service ingredient. The direct Codex CLI argv stays visible, and long-running runs declare Recued-managed detachment with marker-file evidence; recipes call the catalog operation and the gateway gates the write-tier run.

pack:codexcodexclideveloper-tools
by Recued CoreCertified v1 1 item Pack
AI Search - Cohere

API capability pack for bounded Cohere REST API operations against https://api.cohere.com only. Enroll a Cohere API key bearer connection named cohere; no credential is embedded in this manifest. The pack reads API-key status, model metadata, datasets, dataset usage, embed jobs, tokenization results, rerank results, and text embedding responses for semantic search, retrieval, RAG evaluation, and embedding operations. It bundles a rerank review brief, an embedding readiness brief, a scheduled model/dataset operations digest, and approval-gated workflows for creating or canceling one async embed job. Writes are limited to creating one embed job for an existing dataset or canceling one embed job. The pack intentionally excludes streaming-only chat and generate endpoints, deprecated classify/connectors surfaces, OAuth connector authorization, fine-tuning create-update-delete, dataset upload/create/delete, audio transcription uploads, batch create/cancel, model deletion or mutation, arbitrary Cohere API passthrough, and any dynamic outbound callback or tool-execution routing.

pack:coherecohereaisemantic-search
by Recued CoreCertified v1 6 items Pack
Composer Pack

V3 PHP Composer toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local composer CLI ingredient exposes bounded project operations for readiness, composer.json validation, test script execution, and dependency policy audit. Project operations run from an explicit project directory cwd supplied at execution time, use non-interactive/no-ANSI output, avoid caller-supplied Composer flags, avoid shell wrappers, and keep diagnostics visible as text or JSON output. Test execution is approval-gated because Composer scripts execute project-defined code. Dependency audit is approval-gated because Composer checks installed packages against Packagist or configured repository advisory data. Requires composer on PATH.

pack:composercomposerphpphpunit
by Recued CoreCertified v1 1 item Pack
Confluence Inline Comment Reply Closure Loop

Workflow pack for Recued-created replies to existing Confluence inline comments. It composes the Confluence capability pack with a closure ledger: add one owner-approved storage-format reply to an existing inline comment on a configured page, persist only the connection/cloud/page/comment/reply linkage in data.shared, and let a scheduled watcher re-read that page's inline comments until Confluence reports the root comment resolved, no longer returns the comment, or the page reaches a configured terminal status. This pack does not replace Confluence inline comments, resolved-state controls, native notifications, tasks, page/blog workflows, page properties, automations, labels, permissions, or space governance; it adds Recued-visible closure state for inline-comment replies Recued created.

pack:confluence-inline-comment-reply-closureconfluencecommentsinline-comments
by Recued CoreCertified v1 2 items Pack
Knowledge Base - Confluence

API capability pack for bounded Confluence Cloud REST API v2 operations through Atlassian OAuth at https://api.atlassian.com only. Lists accessible Atlassian resources to discover cloud IDs, then reads and manages Confluence spaces, pages, blog posts, labels, attachments, comments, tasks, content properties, hierarchy, versions, and custom content for daily company knowledge-base work. Bundles a scheduled space activity brief, an AI-assisted page review brief, and an approval-gated page draft/create workflow. Enroll an Atlassian OAuth access token connection as bearer auth; no credential is embedded in the manifest. Writes are approval-gated and limited to one page, blog post, comment, task, space, or content property at a time. The pack intentionally excludes user invites/access checks, admin-key endpoints, space permission/role changes, classification-level changes, redactions, file upload/download bodies, attachment deletion, custom-content mutation, whiteboard/database/smart-link mutation, purge deletes, bulk permission transitions, GraphQL/CQL passthrough, and arbitrary endpoint passthrough.

pack:confluenceconfluenceatlassianknowledge-base
by Recued CoreCertified v1 4 items Pack
Content Operations - Contentful

API capability pack for bounded Contentful Content Management API operations against https://api.contentful.com only. Enroll a Contentful content-management token or OAuth bearer connection named contentful; no credential is embedded in this manifest. The pack reads spaces, environments, content types, entries, entry references, assets, locales, and tags, and supports approval-gated entry draft creation, full entry field replacement, and entry publish using Contentful version-lock headers. The bundled recipes provide an entry/reference brief, approval-gated draft creation, operational content digest, guarded field replacement, and guarded publish workflow. The pack intentionally excludes Content Delivery/Preview/GraphQL/Images APIs, EU/custom host switching, uploads and asset processing, asset writes, deletes, unpublish/archive, bulk operations, releases, webhooks, app/admin APIs, AI Actions, semantic search, and arbitrary API passthrough.

pack:contentfulcontentfulcmscontent-management
by Recued CoreCertified v1 6 items Pack
CRM Augmentation (cross-vendor)

Cross-vendor companion to the per-vendor augmentation recipes folded into the `recued-core.hubspot` + `recued-core.salesforce` vendor packs (the standalone `sales-augmentation-*` packs were retired in D-182 Slice 4). Ships *alerts only* — no producers. Producers stay vendor-specific in each per-vendor pack and write rows under `connection.api.<vendor>.<entity>.<id>.<topic>` paths; this pack reads them through the `core.data.enrichment.list` op, vendor-agnostic by construction (the dynamic `scope` arg resolves to `{{context.event.payload.platform}}` at read time). The three CRM-entity alerts subscribe via the canonical `on: <crm_alias>.changed` sugar (`deal.changed` / `contact.changed`), which fans one subscription per installed vendor carrying that alias — HubSpot + Salesforce today, any future CRM automatically; the new-inquiry alert subscribes to inbound mail (`data.mail.**.created`) instead. Install AT LEAST one vendor-specific pack alongside this one to get producers populating the topics. Variants share `variant_group` with the per-vendor recipes and carry `variant_kind: 'cross_vendor'` discriminator so the marketplace UI can collapse the card with vendor switch. Per spec § A.8.2 the install dialog SHOULD warn about overlap when both this pack and a vendor-specific pack covering the same alerts are installed (non-blocking — multi-CRM tuners may want both for vendor-specific tuning + cross-vendor catch-all).

pack:crm-augmentationpack:sales-augmentationcrmhubspot
by Recued CoreCertified v1 Pack
CRM Commitment Tracker (post-substrate canary)

Post-substrate canary pack for the D-139 engagement evidence substrate per spec § P6.B. Privacy-tier separated from the deterministic `crm-engagement-augmentation` pack (P6.A): this pack reads mail bodies + calendar descriptions + memory entries + per-type CRM engagement bodies to extract commitments people made ("you said you'd send X by Friday") and tracks follow-through. Installs one Layer-1 silent producer (`commitment-tracker-producer`) wrapping the AI-surface `commitment_tracker` topic + one Layer-2 visible alert (`notify-commitment-due-soon`) that fires when a pending commitment's `due_at` falls within the next 24h. Authorship-filtered (extracts ONLY from `'user'` / `'crm_user'` / `'unknown'` rows — automation/system_process rows can't make commitments). Body-state acceptance is tighter than P5 AI-surface canaries: requires `'inline_body'` (full-context required for accurate extraction; truncated previews skipped). Dedupe acceptance `'exact_only'` so probable-twin emails extract as TWO separate commitments rather than collapsing into one. Manual trust default per D-132 — user must promote at MANUAL_RUN_THRESHOLD before the substrate fires. Free-pool first per spec — commitment text generation is bounded, low-token; routing through the user's free-tier pool keeps the pack cost-neutral by default. Pack install carries an implicit MCP body-content permission grant for `data.contact.engagements.body_content` per spec § A.9.5 — without it the AI would have nothing to extract from. The grant is pack-scoped: installing the deterministic `crm-engagement-augmentation` pack does NOT carry a body-content grant. Status: post-substrate canary — graduated from launch-flag gating; marketplace listing surfaces unconditionally. Independent install gate from the deterministic pack — installs without `crm-engagement-augmentation`, vice versa, no implicit pack dependency.

pack:crm-commitment-trackercrmhubspotsalesforce
by Recued CoreCertified v1 Pack
CRM Engagement Augmentation

Primary deterministic pack for the D-139 engagement evidence substrate. Installs four Layer-1 silent producer recipes (`engagement-velocity-producer` / `engagement-silence-producer` / `inbound-outbound-ratio-producer` / `last-meaningful-touch-producer`) wrapping the deterministic deal-level topics (`engagement_velocity_signal` + `engagement_silence_duration` + `inbound_outbound_ratio` + `last_meaningful_touch`) plus four Layer-2 visible alerts that surface decaying-velocity deals, silence-exceeded deals, out-of-band engagement (rep mail not landing in CRM), and overdue meeting follow-ups. Producers and alerts are vendor-agnostic — both subscribe to the cross-vendor deal/opportunity update bus and dispatch via the dynamic `{{context.event.payload.platform}}` scope that resolves to either `connection.api.hubspot.deal` or `connection.api.salesforce.opportunity` per event. The substrate-side housekeeping engagement-aggregates code (D-139 P3 + P4) is the canonical compute path; producer recipes here re-emit the row through the recipe-cycle audit so the user sees the topic ticking on each deal touch (Layer-1 pattern). Cost-preview previews zero token cost (deterministic only). Independent install gate from the post-substrate canary `crm-commitment-tracker` pack (P6.B) — installing the deterministic pack does NOT carry a body-content MCP grant.

pack:crm-engagement-augmentationcrmhubspotsalesforce
by Recued CoreCertified v1 Pack
CRM (any vendor)

The vendor-neutral CRM pack — seven canonical reporting recipes that run against whatever CRM you enroll (HubSpot deals, Salesforce opportunities, or any registered CRM vendor). Every step uses a `core.crm.<entity>.<verb>` kernel op (deals / contacts / accounts), so it carries no bundled catalog: each op resolves at run against the catalog the bound connection's vendor declares, and projects the canonical fields (name / stage / amount / key_dates / close_state) — never raw vendor properties. This is the showcase for the `core.crm.*` canonical convention; vendor-specific recipes that need raw platform fields live in the per-vendor packs (`recued-core.hubspot` / `recued-core.salesforce`) instead. Installs dormant until you pick an enrolled CRM connection for each recipe's `crm` variable (Settings -> the recipe), then runs against the D-165 gateway (operation-level risk / grant / approval + per-call audit).

pack:crmcrmdealcontact
by Recued CoreCertified v1 Pack
CSVCut Pack

V3 deterministic CSV column-selection capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local csvcut CLI returns selected columns from one trusted local CSV path via the csv.select catalog operation. This is the reproducible csvkit-backed fallback for qsv select while qsv lacks a Debian-stable package. Path-based by design: selected CSV rows are stdout value output, so this operation does not combine file_ref materialization with stdout capture. Requires csvkit on PATH (Debian/Ubuntu: apt install csvkit; Python environments: pip install csvkit). Local and no-egress.

pack:csvcutcsvkitcsvcutcli
by Recued CoreCertified v1 1 item Pack
CSVGrep Pack

V3 deterministic CSV row-search capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local csvgrep CLI returns rows from one trusted local CSV path where a named column matches a literal string via the csv.search catalog operation. This is the reproducible csvkit-backed fallback for qsv search while qsv lacks a Debian-stable package. Path-based by design: matching CSV rows are stdout value output, so this operation does not combine file_ref materialization with stdout capture. Requires csvkit on PATH (Debian/Ubuntu: apt install csvkit; Python environments: pip install csvkit). Local and no-egress.

pack:csvgrepcsvkitcsvgrepcli
by Recued CoreCertified v1 1 item Pack
.NET Pack

V3 .NET CLI toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local dotnet CLI ingredient exposes bounded project operations for readiness, build checking, and test execution. Project operations run from an explicit project directory cwd supplied at execution time, disable implicit restore, suppress the logo, avoid caller-supplied dotnet/MSBuild/test-runner flags, avoid shell wrappers, and keep diagnostics visible as text output. Build and test operations are approval-gated because dotnet may compile project code, load SDK/MSBuild targets, run test adapters and test code, and write bin/obj/TestResults or other project-controlled artifacts. Requires dotnet on PATH.

pack:dotnetdotnetcsharpfsharp
by Recued CoreCertified v1 1 item Pack
CSVKit Pack

V3 deterministic CSV validation capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local csvclean CLI validates one CSV file via the csv.validate catalog operation. This pack deliberately exposes a safe validator only: csvkit's transform tools mostly write transformed content to stdout, which is not a good fit for file_ref materialization and content-isolation. The operation materializes the source file, runs fixed csvclean structural checks, and captures no stdout/stderr value. Requires csvkit on PATH (Debian/Ubuntu: apt install csvkit; Python environments: pip install csvkit). Local and no-egress.

pack:csvkitcsvkitcsvcleancli
by Recued CoreCertified v1 1 item Pack
CSVStat Pack

V3 deterministic CSV statistics capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local csvstat CLI summarizes one trusted local CSV path as JSON via the csv.stats catalog operation. This is the reproducible csvkit-backed fallback for qsv stats while qsv lacks a Debian-stable package. Path-based by design: stats are stdout value output, so this operation does not combine file_ref materialization with stdout capture. Requires csvkit on PATH (Debian/Ubuntu: apt install csvkit; Python environments: pip install csvkit). Local and no-egress.

pack:csvstatcsvkitcsvstatcli
by Recued CoreCertified v1 1 item Pack
curl Pack

V3 bounded HTTP inspection capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local curl CLI ingredient exposes fixed operations for version readiness, HTTP status/timing, response headers, bounded text body retrieval, and bounded JSON body retrieval. Network operations require approval because they contact a caller-supplied URL, disclose executor network metadata to the remote host, and may reach private network services from the executor environment. The pack permits only http/https URLs, restricts curl and redirect protocols to http/https, disables curl config-file loading and URL glob expansion, caps redirects, connection time, total time, and advertised response size, and does not expose arbitrary methods, request headers, request bodies, uploads, output files, config files, local/file protocols, proxy settings, cookies, credentials, shell wrappers, or arbitrary curl flags. Requires curl on PATH.

pack:curlcurlclihttp
by Recued CoreCertified v1 1 item Pack
Customer Support / Reply Desk

Workflow pack for one-person-company customer replies. It turns Email / Outbox plus contact timeline context into a support desk: triage likely customer questions, draft a grounded reply from a selected mail thread, send only through the mail-send approval boundary, and watch the thread for the customer's next actionable response. The pack owns the support workflow, not any new mail primitive.

pack:customer-support-reply-deskcustomer-supportreply-desksupport
by Recued CoreCertified v1 9 items Pack
Team Chat - Google Chat

API capability pack for bounded Google Chat API v1 operations against https://chat.googleapis.com/v1 only. Reads spaces, space metadata, space messages, message details, members, message reactions, and recent space events. Bundles a scheduled space activity digest, an AI-assisted thread brief, and an approval-gated space update workflow. Writes are approval-gated and limited to sending one plain-text message or thread reply. Enroll a Google OAuth bearer connection named google with the narrowest Chat scopes needed for the installed operations. The pack intentionally excludes admin search, space creation/update/delete/setup/import, membership mutation, message edit/delete, pin/unpin, reaction mutation, media upload/download, attachment binary reads, custom emoji mutation, user read-state and notification-setting mutation, cards/widgets, webhooks, subscriptions, and arbitrary API passthrough.

pack:google-chatgoogle-chatchatspaces
by Recued CoreCertified v1 4 items Pack
Dasel Pack

V3 deterministic structured-data path extraction pack. By-value connector composition (service_kind=cli, no separate ingredient): the local dasel CLI reads one trusted local structured-data path and extracts a selector as JSON via structured.extract_path. Dasel selectors are path-oriented and intentionally narrower than exposing an arbitrary jq program. This operation is path-based value output because the selected data is returned on stdout. Requires dasel on PATH (Debian/Ubuntu: apt install dasel). Local and no-egress.

pack:daseldaselclijson
by Recued CoreCertified v1 1 item Pack
Observability - Datadog

API capability pack for bounded Datadog REST API operations against the US1 API base https://api.datadoghq.com only. Reads API-key validity, monitors, monitor groups, logs, events, and metric query results, and supports approval-gated monitor mute and unmute calls for one monitor. Bundles a scheduled observability triage digest, an AI-assisted monitor investigation brief, and approval-gated monitor mute/unmute workflows. Enroll a Datadog header-auth connection named datadog that injects DD-API-KEY and DD-APPLICATION-KEY with the narrowest permissions needed for the installed operations. The pack intentionally excludes monitor create/update/delete, downtimes, dashboards, notebooks, SLO/service-catalog mutation, incident mutation, logs/events/metrics ingest, integrations, API/app key management, roles/teams/users, restriction policies, audit/admin APIs, and arbitrary API passthrough.

pack:datadogdatadogobservabilitymonitors
by Recued CoreCertified v1 5 items Pack
Data Operations - dbt Cloud

API capability pack for bounded dbt Cloud Administrative API operations against https://cloud.getdbt.com only. Enroll a dbt Cloud API token connection named dbt-cloud that injects Authorization: Token <token> or an equivalent bearer header; no credential is embedded in this manifest. The pack reads accounts, projects, environments, jobs, runs, run steps, and run artifacts, and supports approval-gated triggering of one job run and cancellation of one run. It bundles a run-health brief, run-artifact brief, guarded job trigger, and guarded run cancel workflow. The pack intentionally excludes project, environment, job, connection, credential, group, user, invite, SCIM, service-token, webhook, audit-log export, semantic-layer, Discovery API, regional/private-host switching, retry/rerun routes, arbitrary artifact paths outside documented run artifacts, and arbitrary dbt API passthrough.

pack:dbt-clouddbt-clouddbtdata-ops
by Recued CoreCertified v1 5 items Pack
Voice and Text Intelligence - Deepgram

API capability pack for bounded Deepgram REST API operations against https://api.deepgram.com only. Enroll a Deepgram API connection named deepgram that injects the Authorization header, commonly Authorization: Token <API_KEY>; no credential is embedded in this manifest. The pack transcribes and analyzes one explicit pre-recorded media URL, analyzes explicit text, reads public and project model catalogs, reads projects, usage fields, usage breakdowns, and project balances for meeting notes, call analytics, media intelligence, product research, compliance review, usage monitoring, and model inventory workflows. Transcription and text analysis are synchronous JSON read-tier inference calls that consume Deepgram quota but do not create durable customer resources through this pack. The pack intentionally excludes WebSocket streaming, turn-based audio, voice-agent configuration and variables, token generation, binary file upload, binary text-to-speech output, callback and callback_method parameters, arbitrary extra metadata, project/key/member/invite/request mutations or deletes, self-hosted distribution credentials, billing purchase exports beyond balances, regional/custom host switching, arbitrary Deepgram API passthrough, dynamic outbound callbacks, and any operation outside api.deepgram.com.

pack:deepgramdeepgramvoice-aispeech-to-text
by Recued CoreCertified v1 5 items Pack
Windows Defender Pack

Local malware-scan capability pack for a Windows-hosted recued server — the zero-install sibling of clamav-pack. By-value cli connector composition (service_kind=cli): Microsoft Defender's MpCmdRun.exe scanning a data.file.received record's bytes, via the file.scan catalog operation. The file_ref's bytes are materialized to an engine-managed throwaway temp file, scanned by the built-in Defender engine, and the temp file removed in a finally (input_materialize) — no bytes flow through op-step values and nothing leaves the machine. VERDICT FROM THE EXIT CODE: the op runs `MpCmdRun.exe -Scan -ScanType 3 -File {target} -DisableRemediation`; per Microsoft's docs the return code is 0 (no malware found) or 2 (malware found and NOT remediated, OR a scan error). `-DisableRemediation` is load-bearing — it suppresses remediation so a detected threat stays 'found and not remediated' (exit 2) instead of collapsing to 'found and remediated' (exit 0); WITH it, exit 0 means no malware found in the custom -File scan path. This is INFERRED from Microsoft's docs (it holds for file-based malware in the custom scan; it is NOT independently verified across every threat category — PUA / behavioral / network detections may not be covered by a custom file scan at all). exit_code_handling success_codes [0,2] → 0 maps to clean, 2 maps to flagged. The exit-2 ambiguity (threat vs scan error, e.g. a non-elevated run) is FAIL-SAFE: a scan error surfaces as 'flagged' (extra review), never as a false 'clean' — no malware passes. read-tier / approval=never so a reactive scan runs unattended; cli-kind so it is never a raw MCP/door tool. PREREQUISITES (Windows only): (1) the recued SERVER must run ON WINDOWS — MpCmdRun.exe is Windows-only; (2) run the server ELEVATED (as Administrator) — MpCmdRun -Scan needs elevation, else it returns exit 2 (every file false-flags); (3) MpCmdRun.exe is NOT on PATH — this pack uses the stable absolute path `C:\Program Files\Windows Defender\MpCmdRun.exe`; if Defender lives elsewhere (a versioned `C:\ProgramData\Microsoft\Windows Defender\Platform\<version>` install), edit the op's argv_template + the ingredient entry_point/probe; (4) Defender must be ENABLED and its security intelligence CURRENT — stale definitions miss new malware and return exit 0 (a false clean, with no exit-code signal, exactly as a stale freshclam DB would for ClamAV), so keep auto-updates on or run `MpCmdRun.exe -SignatureUpdate` on a schedule. A scan is only as good as the definition date. Drives the Windows Defender Scan workflow pack (defender-scan), which auto-scans every inbound reception drop. ALTERNATIVE (cleaner threat/error split, not shipped): a PowerShell wrapper over `Start-MpScan -ScanPath {target} -ScanType CustomScan` + `Get-MpThreatDetection` can distinguish a real detection from a scan error and exit 0/1 — at the cost of a fiddly detection-filter; switch to it here if the exit-2 false-flag noise bites.

pack:defenderwindows-defenderdefendermpcmdrun
by Recued CoreCertified v1 1 item Pack
Deno Pack

V3 Deno JavaScript/TypeScript runtime capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local deno CLI ingredient exposes bounded project operations for readiness, formatting checks, lint diagnostics, type checks, dependency graph inspection, dependency vulnerability audit, and sandboxed targeted test execution. Project operations run from an explicit project directory cwd supplied at execution time through the native cli_invocation cwd field, avoid caller-supplied deno flags, avoid shell wrappers, and keep diagnostics visible as text or JSON output. Type-check, info, and audit operations use frozen-lockfile mode. Test execution uses cached-only module loading and disables permission prompts while granting no runtime permissions. The pack intentionally excludes deno task, deno run, compile, publish, add/remove/update, fix/write modes, watch mode, arbitrary permission grants, arbitrary import maps, and caller-selected remote URLs. Requires deno on PATH.

pack:denodenojavascripttypescript
by Recued CoreCertified v1 1 item Pack
df Pack

V3 deterministic filesystem capacity-inspection capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local df CLI ingredient exposes bounded read-only disk-capacity metadata for readiness, one trusted local path, one executor-supplied project directory, inode usage, and local mounted filesystems. The operations return filesystem capacity rows only; they do not return file content, list child paths, recurse directories, select remote mounts, accept filesystem type filters, expose arbitrary df flags, rely on BLOCKSIZE environment overrides, read stdin, write output files, or use a shell wrapper. Editable paths reject flag-like values, URL-like references, and scp-style remotes. Project operations run from an explicit project directory cwd supplied at execution time. Requires a POSIX-compatible df on PATH. Local and no-egress.

pack:dfdfclifilesystem
by Recued CoreCertified v1 1 item Pack
DiG DNS Pack

V3 bounded DNS diagnostics capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local dig CLI ingredient exposes fixed operations for readiness plus common DNS lookups: A, AAAA, CNAME, MX, TXT, NS, SOA, CAA, and reverse PTR. DNS lookup operations require approval because they send caller-supplied names or addresses through the executor's local dig resolver selection and can reveal the executor network path. The pack uses short output, one lookup name/address per invocation, fixed timeout and retry caps, explicit command-line overrides for trace, nssearch, search-list, TCP, and responder-identification defaults, and no caller-supplied resolver, query class, arbitrary record type, trace, zone transfer, batch file or config file, environment override, stdin, output-file write, or shell wrapper. Requires dig on PATH, commonly provided by BIND utilities.

pack:digdigdnscli
by Recued CoreCertified v1 1 item Pack
Infrastructure Inventory - DigitalOcean

API capability pack for bounded DigitalOcean API v2 operations against https://api.digitalocean.com. Enroll a digitalocean API connection as a bearer-token connection backed by a scoped DigitalOcean personal access token or OAuth access token; no credential is embedded in the manifest. The pack reads account metadata, billing balance/history/invoices, Droplets, backups, snapshots, firewalls, domains and DNS records, projects, VPCs, database clusters and backups, Kubernetes clusters, load balancers, volumes, regions, sizes, certificates, monitoring alert policies, and App Platform apps/deployments/events/alerts/health, plus approval-gated DNS record create/update for daily domain maintenance. It intentionally does not expose DNS record deletion, domain mutation, Droplet actions, database user/password endpoints, Kubernetes kubeconfig/credentials, App deploy/retry/rollback/log/exec actions, invoice CSV/PDF downloads, volume actions, load-balancer writes, create/update/delete endpoints outside single DNS records, or arbitrary API passthrough.

pack:digitaloceandigitaloceaninfrastructurecloud
by Recued CoreCertified v1 1 item Pack
Community Chat - Discord

API capability pack for bounded Discord HTTP API v10 operations against https://discord.com/api/v10. Reads current user or bot identity, guilds, channels, members, roles, invites, messages, pins, reactions, active and archived threads, guild message search, and scheduled events, and supports approval-gated single message sends and edits, own reactions, pins, thread creation and membership, invite creation, and scheduled event creation or update. Bundles a scheduled channel activity digest, an AI-assisted thread brief, and an approval-gated channel update workflow. Enroll a Discord bot token or OAuth bearer token connection named discord; no credential is embedded in the manifest. Message content can be empty or partial when the app lacks Discord's privileged Message Content intent. The pack intentionally excludes message delete and bulk delete, ban/kick/moderation actions, role/member/guild/channel administration, webhook-token endpoints, file upload, DM creation, application commands, OAuth token exchange, audit log access, and arbitrary API passthrough.

pack:discorddiscordcommunitychat
by Recued CoreCertified v1 4 items Pack
Contacts - Google Contacts

API capability pack for bounded Google People API v1 calls against https://people.googleapis.com only. Enroll a Google OAuth bearer connection named google with the narrowest People API scopes needed for the installed operations. Reads Google contacts, contact groups, other contacts, and Google Workspace directory people. Writes are approval-gated and limited to creating/updating/deleting one contact, copying one other contact into My Contacts, creating/updating/deleting one contact group without deleting member contacts, and adding or removing contact-group members by resource name. The pack intentionally excludes batch create/update/delete, contact photo mutation, profile mutation, domain admin directory writes, arbitrary Google APIs, arbitrary People API passthrough, and unsafe raw resourceName path interpolation.

pack:google-contactsgoogle-contactsgoogle-peoplegoogle-workspace
by Recued CoreCertified v1 1 item Pack
Docker Compose Pack

V3 deterministic container-orchestration capability pack. By-value cli composition (service_kind=cli, no separate service ingredient): one local docker CLI ingredient exposes bounded Docker Compose readiness, config inspection, stack launch, stack teardown, and stack status operations. The read path covers docker_compose.version plus compose.config_json / compose.config_validate / compose.config_services / compose.config_images / compose.config_profiles / compose.config_variables; up/down remain admin-risk and approval=ask because they start or stop a container stack. NOT a Recued-supervised daemon: `docker compose up -d` launches the stack into Docker's OWN lifecycle and returns immediately; Recued records the one-shot launch, it does not health-check or restart the containers. The compose file is a validated local path on the server the user points at; Docker Compose resolves relative paths from the first compose file by default. Requires Docker Engine + the compose plugin on PATH (rootless Docker supported). Replaces the retired docker-compose-{linux,macos,win} service templates.

pack:docker-composedocker-composedockercompose
by Recued CoreCertified v1 1 item Pack
Docker Pack

V3 bounded Docker daemon diagnostics capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local docker CLI ingredient exposes fixed operations for client readiness, context inventory, daemon info, container/image/volume/network inventory, disk-usage summary, stats snapshot, and explicit container/image inspection. Docker daemon and context operations require approval because Docker socket access can reveal host paths, image names, container names, labels, environment, network endpoints, and other sensitive local runtime metadata. The pack exposes no run, exec, attach, cp, logs, build, pull, push, login, start, stop, restart, kill, rm, rmi, prune, system mutation, plugin, compose, arbitrary Docker flags, environment override, stdin, output-file write, or shell wrapper. Requires Docker CLI on PATH and a reachable Docker daemon for daemon operations.

pack:dockerdockerclicontainer
by Recued CoreCertified v1 1 item Pack
Docling Pack

V3 deterministic document-parse capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local docling CLI parsing a source document (PDF / DOCX / PPTX / HTML / image / spreadsheet / email / audio) into Markdown the model can read, via the document.to_markdown catalog operation. Fixed-function and reproducible — conversion happens locally before any model sees the content. Write-tier but approval=never: the parse is a faithful local file write into an engine-managed throwaway temp dir, ingested into data.file.received (CAS) and surfaced as result.file_ref; the temp dir is removed after capture, so the only durable copy is the content-addressed, Gateway-gated data.file record (output_capture). A downstream ai-* step reads the parsed Markdown via { file_ref } so the content never flows through op-step values. Large/heavy PDFs (docling runs ML layout/OCR) can exceed the 90s foreground cap; those ride a detached execution path when it lands. Part of the Lane-1 deterministic document toolkit alongside pandoc-pack (render). Supersedes the legacy document-normalization ingredient pack.

pack:doclingdoclingclidocument
by Recued CoreCertified v1 1 item Pack
DocuSign Envelope Closure Loop

Workflow pack for Recued-sent DocuSign template envelopes. It composes the DocuSign capability pack with a closure ledger: send one template envelope through the existing DocuSign approval gate, persist only the envelope/template/account linkage in data.shared, and let a scheduled watcher re-read that exact envelope until DocuSign reports completed, declined, voided, deleted, or expired. This pack does not duplicate DocuSign reminders, expiration settings, recipient notifications, Connect/webhook administration, or general envelope status dashboards; it adds Recued-visible closure state for envelopes Recued sent.

pack:docusign-envelope-closuredocusignesignaturecontracts
by Recued CoreCertified v1 3 items Pack
E-Signature - DocuSign

API capability pack for bounded DocuSign eSignature REST API v2.1 operations. Enroll a docusign OAuth bearer connection with the signature scope and set base_url to the account REST API root returned from /oauth/userinfo, such as https://demo.docusign.net/restapi or https://www.docusign.net/restapi. The pack reads accounts, settings, users, groups, permission profiles, brands, folders, envelopes, recipients, tabs, document metadata, templates, custom fields, bulk-send metadata, contacts, audit events, notifications, and form data. Bundles a scheduled envelope status digest, a read-only envelope evidence brief, and an approval-gated send-from-template workflow. Writes are approval-gated and limited to one envelope/template/contact/custom-field/notification action at a time. It intentionally excludes arbitrary endpoint passthrough, Connect/webhook administration, permission or user administration writes, group and signing-group writes, billing plan changes, bulk-send execution, purges, deletes, locks, document binary downloads, signature image downloads, multipart uploads, recipient/signing ceremony URL creation, and arbitrary template/envelope correction URLs.

pack:docusigndocusignesignaturecontracts
by Recued CoreCertified v1 4 items Pack
E-Signature - Dropbox Sign

API capability pack for bounded Dropbox Sign API v3 operations against https://api.hellosign.com/v3. Enroll a Dropbox Sign API key HTTP Basic Auth connection or OAuth bearer connection named dropbox-sign with account, template, team, bulk-send-job, and signature-request access. The pack reads account metadata, templates, teams, signature requests, signer status, and bulk-send-job status for contract lifecycle review, onboarding paperwork, sales handoff, renewal tracking, and signature evidence briefs. It bundles a scheduled signature-request digest, AI-assisted request and template readiness briefs, and approval-gated workflows for sending a request from an existing template, reminding one signer, updating one signer, and canceling one incomplete request. Writes are limited to one target request at a time; cancel is irreversible and uses an always-approval destructive gate. The pack intentionally excludes file uploads, binary downloads, file URL/data URI exports, embedded signing or editing URLs, template create/delete/update, template file mutation, team and account administration writes, bulk-send execution, report creation, fax APIs, OAuth token endpoints, completed-request access removal, and arbitrary Dropbox Sign API passthrough.

pack:dropbox-signdropbox-signesignaturecontracts
by Recued CoreCertified v1 8 items Pack
Files - Dropbox

API capability pack for bounded Dropbox metadata operations against https://api.dropboxapi.com only. Reads the current account, reads file/folder metadata, lists folder entries, continues a folder cursor, searches files/folders, lists revisions and shared links, and supports approval-gated daily organization actions: create folders, move or rename files/folders, copy files/folders, restore one file revision, and create or revoke one basic shared link. File upload/download and temporary content links are intentionally not exposed because Dropbox content endpoints use separate hosts outside this pack's egress allowlist. Delete/trash, arbitrary sharing settings, member permissions, ownership transfer, batch mutation, webhooks, and arbitrary passthrough are intentionally excluded. Enroll a Dropbox OAuth access token connection as bearer auth; no credential is embedded in the manifest.

pack:dropboxdropboxfilesfolders
by Recued CoreCertified v1 1 item Pack
du Pack

V3 deterministic filesystem size-inspection capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local du CLI ingredient exposes bounded read-only disk-usage metadata for one trusted local path. The operations return summary size output only: KiB disk usage, human-readable disk usage, apparent-size KiB, and a fixed readiness probe. They do not return file content, list child paths, emit per-file recursive rows, read stdin, accept file lists, follow symlinks explicitly, cross-device-control flags, ignore masks, caller-supplied thresholds, environment overrides, arbitrary du flags, write files, or use a shell wrapper. Editable paths reject flag-like values, URL-like references, and scp-style remotes. Requires a POSIX-compatible du on PATH. Local and no-egress.

pack:duduclifilesystem
by Recued CoreCertified v1 1 item Pack
Microsoft Dynamics 365

Self-contained Microsoft Dynamics 365 (Dataverse) CRM vendor pack — the D-192 'de-hardcode, prefer-as-pack' forcing function. Declares the Dataverse Web API (OData v4) surface as a by-value composition. Native entities map into the canonical CRM vocabulary: contact -> contact. The activity entities (email, appointment, phonecall, task) carry the D-192 engagement facet with sync_kind 'delta_cursor' (Dataverse change-tracking / $deltatoken) — a pack-declared engagement plane that reconciles through the generic engagement reconciler with no bespoke dispatch. Entra/Microsoft OAuth (reused from the OneDrive lane). Reads resolve after connection grant.

pack:dynamicscrmdynamicsdataverse
by Recued CoreCertified v1 1 item Pack
AI Voice - ElevenLabs

API capability pack for bounded ElevenLabs REST API operations against https://api.elevenlabs.io only. Enroll an ElevenLabs API connection named elevenlabs that injects the xi-api-key header; no credential is embedded in this manifest. The pack reads account and subscription usage, voice and model catalogs, voice settings, speech history metadata, and approval-gates one JSON text-to-speech response with base64 audio plus alignment timestamps for explicit text and voice inputs. The pack intentionally excludes raw binary audio downloads, streaming endpoints, speech-to-text uploads, voice cloning and PVC training, voice/sample creation or deletion, history deletion, history bulk download, projects, audio native, conversational agents, phone numbers, knowledge bases, tools, MCP servers, secrets, webhooks, admin APIs, arbitrary ElevenLabs API passthrough, and dynamic outbound callback routing.

pack:elevenlabselevenlabsaivoice
by Recued CoreCertified v1 5 items Pack
Email Follow-up Workflow

Workflow pack over Email / Outbox. It turns a sent/outbound mail folder into a practical follow-up lane for one-person companies: scan likely silent threads, draft concise replies, preview the batch, and route sends through the existing mail-send approval gate. The pack depends on email-outbox-pack for all mail read/send primitives and does not redefine any provider-specific Gmail, Outlook, or IMAP surface.

pack:email-followup-workflowemailmailoutbox
by Recued CoreCertified v1 2 items Pack
Email / Outbox Pack

V3 suite/warehouse capability pack for email and outbox work. Gmail, Outlook, and IMAP are provider connections feeding the same warehouse; this pack bundles the kernel mail read/search/thread/body/send operations so workflow packs can depend on one governed email capability. Sending is still the irreversible write-class operation owned by the mail-send kernel gate.

pack:email-outboxemailmailoutbox
by Recued CoreCertified v1 8 items Pack
ESLint Pack

V3 JavaScript/TypeScript lint capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local eslint CLI ingredient exposes bounded project operations for readiness and lint diagnostics. Linting runs from an explicit project directory cwd supplied at execution time, accepts one trusted file, directory, or glob target, returns JSON diagnostics, avoids caller-supplied ESLint flags, avoids shell wrappers, and keeps findings visible as JSON output. ESLint loads project configuration, parsers, and plugins, which are Node modules and may execute code during linting, so linting remains approval-gated. The pack exposes no fix or fix-dry-run, output-file write, caller-supplied config/parser/plugin/rule/ignore/stdin/cache/suppression/debug/MCP/feature-flag/concurrency surface, environment override, or arbitrary command execution. Requires eslint on PATH.

pack:eslinteslintjavascripttypescript
by Recued CoreCertified v1 1 item Pack
Commerce - Etsy

API capability pack for bounded Etsy Open API v3 seller operations against https://openapi.etsy.com. Enroll an etsy connection that supplies the required x-api-key header for every request and an OAuth 2.0 bearer token for scoped seller endpoints. Reads shop metadata, shop sections, shipping profiles and destinations, return policies, holiday preferences, production partners, seller taxonomy, shipping carriers, listings, listing media, listing files, listing properties, listing personalization, listing translations, listing inventory, receipts, receipt listings, receipt transactions, receipt payments, shop transactions, reviews, shop payments, and payment ledger entries. Bundles scheduled shop operations, listing readiness, receipt support, approval-gated storefront listing updates, approval-gated inventory updates, and approval-gated shipment tracking. Writes are limited to one shop text update, one listing metadata update, one listing inventory document update, or one receipt shipment tracking creation at a time. The pack intentionally excludes destructive deletes, image/video/file upload, listing creation, batch operations, buyer messaging, refunds, payment capture, cart/favorites/profile mutation, address mutation, arbitrary Etsy endpoint passthrough, and credential-bearing fields in operation arguments.

pack:etsyetsycommerceecommerce
by Recued CoreCertified v1 7 items Pack
Web Search — Exa

The entity-less tool pack (§5 tool-op pack seam, v3 §7 'cli / tool pack'). Bundles the `exa-catalog` ingredient and one connection-agnostic recipe — `search-web-exa` runs a `recued-core.exa.web.search` Tier-P pack op-step that binds to the bundled Exa catalog and dispatches pass-through through the D-165 gateway (read-tier, audited). Installs dormant until you enroll an Exa connection (Settings → Connections) and pick it for the recipe's `exa` variable; web egress is reachable only as this pack-bound op, never as a direct ingredient.

pack:exawebsearchexa
by Recued CoreCertified v1 1 item Pack
Git Pack

V3 bounded local Git repository insight pack. By-value connector composition (service_kind=cli, no separate ingredient): one local git CLI ingredient exposes bounded project operations for readiness, repository status, changed-file rows, recent commit history, and tracked working-tree patches. Repo operations run from one explicit repository directory cwd supplied at execution time and use fixed catalog operations. Bundles scheduled recipes for a daily repo brief and a work-hours dirty-tree watch, so users can install the pack and immediately wire useful recurring Git checks. The pack never runs arbitrary git subcommands, never invokes a shell, never talks to remotes, and never exposes fetch/pull/push/clone. Path-based by design: the user points at a trusted local repository path. Requires git on PATH (Debian/Ubuntu: apt install git; macOS: git is commonly installed with developer tools). Local and no-egress.

pack:gitgitclirepository
by Recued CoreCertified v1 3 items Pack
ExifTool Pack

V3 deterministic metadata capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local ExifTool CLI ingredient exposes readiness, tag/deletable-group discovery, embedded metadata extraction, and metadata-stripped-copy operations. Fixed-function and reproducible: extraction and stripping happen locally before any model sees source bytes. File-ref operations write only to an engine-managed throwaway output dir and capture result.file_ref; downstream ai-* steps consume the JSON or stripped copy through a Gateway-gated file ref. The source can be a data.file ref or a trusted local path. No shell wrapper, arbitrary ExifTool flags, recursive directory processing, remote fetch, caller-controlled output path, in-place mutation, or backup deletion is exposed. Requires the exiftool binary on PATH (Debian/Ubuntu: apt install libimage-exiftool-perl; macOS: brew install exiftool). Local and no-egress; ExifTool parses many file formats, so prefer file_ref sources and keep the parser stack patched. PDF metadata edits are reversible in ExifTool alone, so use a PDF rebuild/linearize step before treating a PDF copy as securely scrubbed.

pack:exiftoolexiftoolclimetadata
by Recued CoreCertified v1 1 item Pack
Expected Quotation Email Loop

Workflow pack for one-off expected inbound quotation emails. The entry recipe stores only bounded matching/routing state; the hidden event watcher moves a matched source pointer to owner-visible needs_owner state; an hourly timeout role moves expired watches out of active; and the review/close recipe lists needs_owner and timed_out rows before re-reading one source message for an ephemeral draft. Message bodies, deal context, and generated drafts are never persisted in data.shared, and no recipe sends email.

pack:expected-quotation-emailemailmailquotation
by Recued CoreCertified v1 2 items Pack
FFmpeg Pack

V3 deterministic media-bridge capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local ffmpeg CLI ingredient exposes readiness, audio extraction, ASR-friendly WAV normalization, audio waveform rendering, video thumbnail extraction, short GIF preview generation, and compact MP4 transcoding. The parse-in enabler of the media toolkit: pulling audio out of video / screen-recording / podcast containers yields a smaller audio file an ASR step (whisper audio.transcribe) or an audio-capable model can read; thumbnail, waveform, and GIF preview outputs produce compact visual previews for media triage. Fixed-function and reproducible: transformations happen locally before any model sees the content. Write-tier operations write only to an engine-managed throwaway temp dir, ingest the produced artifact into data.file.received (CAS), and surface result.file_ref; downstream steps consume bytes through Gateway-gated file refs rather than op-step values. The source can be a data.file ref or trusted local path. Large/long media can exceed the 90s foreground cap; those ride a detached execution path when it lands. Requires the ffmpeg binary on PATH. Local operations are pinned to the file/pipe protocol whitelist so URL inputs cannot trigger remote fetches. Part of the Lane-1 media toolkit alongside whisper (transcribe), mediainfo (inspect), and imagemagick/vips (image transforms).

pack:ffmpegffmpegclimedia
by Recued CoreCertified v1 1 item Pack
FFprobe Pack

V3 deterministic media-inspection capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local ffprobe CLI ingredient exposes bounded read-only media metadata operations for readiness, full stream/container JSON, compact summary JSON, and duration extraction. The operations inspect one trusted local media path and return stdout metadata; they do not transcode, decode frames to files, write outputs, materialize file_ref input into value output, recurse directories, scan devices, list sources, show packets, dump payload data, generate reports, expose arbitrary ffprobe flags, or use shell wrappers. Inputs are pinned to the file/pipe protocol whitelist and the editable path rejects scheme-like prefixes so URL inputs cannot trigger remote fetches. Requires ffprobe on PATH. Local and no-egress.

pack:ffprobeffprobeffmpegcli
by Recued CoreCertified v1 1 item Pack
Figma Comment Reply Closure Loop

Workflow pack for Recued-sent Figma comment replies. It composes the Figma capability pack with a closure ledger: reply once to an existing Figma file comment through the existing approval gate, persist only the connection/file/comment/reply linkage in data.shared, and let a scheduled watcher re-read that exact file comment until Figma reports it resolved or the comment is no longer present. This pack does not replace Figma comments, native notifications, design review dashboards, webhook administration, comment resolution controls, or general file-status reporting; it adds Recued-visible closure state for comment replies Recued sent.

pack:figma-comment-reply-closurefigmacommentscollaboration
by Recued CoreCertified v1 2 items Pack
Design Collaboration - Figma

API capability pack for bounded Figma REST API operations against https://api.figma.com only. Enroll a figma connection as either OAuth bearer auth or header auth that injects X-Figma-Token for a personal or plan access token; no credential is embedded in this manifest. The pack reads the current user, files, nodes, rendered image URLs, image-fill references, file metadata, team projects, project metadata, project files, file versions, comments, reactions, published components, component sets, styles, organization activity logs, local and published variable inventories, dev resources, library analytics, and oEmbed previews for daily design-to-build workflows. Approval-gated writes are limited to creating/deleting comments, adding/removing comment reactions, applying explicit variable mutations, and creating/updating/deleting dev-resource links. The pack intentionally excludes webhook list/read/create/update/delete because Figma webhook responses include passcode secret material, plus developer-log token filters, AI usage metering, payments, SCIM, file mutation/upload, arbitrary file export downloads, broad admin configuration, OAuth token exchange, and arbitrary API passthrough.

pack:figmafigmadesignfiles
by Recued CoreCertified v1 1 item Pack
file Pack

V3 deterministic file-type inspection capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local file CLI ingredient exposes bounded read-only type and MIME detection for one trusted local path. The operations return only libmagic metadata on stdout: human-readable type, MIME type, MIME type with encoding, or MIME encoding. They do not return file bytes, recurse directories, read filename lists, use caller-supplied magic databases, inspect compressed contents, read special block/character devices as ordinary data, disable sandboxing, compile magic files, emit debug output, use raw unprintable output, write files, accept stdin, or use a shell wrapper. Editable paths reject flag-like values, URL-like references, and scp-style remotes. Requires file on PATH. Local and no-egress.

pack:filefilelibmagiccli
by Recued CoreCertified v1 1 item Pack
find Pack

V3 bounded local filesystem discovery capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local find CLI ingredient exposes fixed read-only operations for readiness, file listing, directory listing, symlink listing, basename-glob search, recently modified file search, large-file search, and empty path search. Project operations run from an explicit project directory cwd supplied at execution time, accept only a trusted relative target path, cap traversal depth, and never expose arbitrary find expressions. Filesystem operations require approval because they can reveal local path names, directory shape, file sizes, modification times, symlink names, and project structure. The pack exposes no -exec, -delete, -ok, -ls, -print0, ownership/permission predicates, remote paths, absolute target traversal, parent-directory segments, caller-supplied flags, environment override, stdin, output-file write, or shell wrapper. Requires find on PATH.

pack:findfindclifilesystem
by Recued CoreCertified v1 1 item Pack
Web Data - Firecrawl

API capability pack for bounded Firecrawl v2 REST API operations against https://api.firecrawl.dev/v2 only. Enroll a Firecrawl bearer API key connection named firecrawl; no credential is embedded in this manifest. The pack searches the web, scrapes one explicit page, maps URLs for one explicit site, starts and monitors crawl, batch scrape, and extract jobs, cancels one explicit crawl or batch scrape job, and reads team credit/token usage. Firecrawl may retrieve caller-supplied URLs inside its own service, but Recued egress is limited to the Firecrawl API host and the declared operations here. Writes are limited to starting one explicit crawl, batch scrape, or extract job and canceling one explicit crawl or batch scrape job. The pack intentionally excludes webhooks and callbacks, caller-supplied request headers and cookies, browser actions, arbitrary JavaScript execution, TLS verification bypass, enhanced proxy selection, cache/retention toggles, file download passthrough, team/billing/admin mutation, credential management, arbitrary Firecrawl API passthrough, and dynamic outbound callback routing.

pack:firecrawlfirecrawlwebsearch
by Recued CoreCertified v1 7 items Pack
Deployments - Fly.io

API capability pack for bounded Fly.io Machines REST API calls against https://api.machines.dev/v1 only. Reads current token metadata, apps, machines, machine events, process lists, machine memory, machine metadata, machine versions, volumes, snapshots, IP assignments, TLS certificates, organization-wide machine/volume inventories, and platform regions. Approval-gated writes are limited to creating one app, creating or extending one volume, creating one volume snapshot, requesting or re-checking one ACME certificate, creating one machine, and single-machine lifecycle actions: start, stop, restart, cordon, uncordon, or suspend. Enroll a Fly.io API-token bearer connection named flyio. The pack intentionally excludes app/machine/volume/certificate deletes, raw command execution, arbitrary signals, secret and secret-key value reads/writes, deploy-token creation, KMS/OIDC token minting, token authorization endpoints, custom certificate upload, IP assignment mutation, and arbitrary API passthrough.

pack:flyioflyiofly.iomachines
by Recued CoreCertified v1 8 items Pack
FX Rates - Frankfurter

No-auth API capability pack for exchange-rate lookups through Frankfurter v2. The pack exposes current blended rates, a single currency-pair rate, and the currency catalog against https://api.frankfurter.dev only. No credential is embedded or required; recipes provide currency codes as query or path parameters.

pack:frankfurterfinanceexchange-ratescurrency
by Recued CoreCertified v1 1 item Pack
Accounting & Time Tracking - FreshBooks

API capability pack for bounded FreshBooks REST operations against https://api.freshbooks.com only. Reads the authenticated identity, clients, invoices, payments, estimates, expenses, projects, services, and time entries for daily solo-business accounting and time tracking. Writes cover approval-gated client upkeep, invoice draft/update/send actions, estimate draft/update actions, expense logging, and time-entry creation/update using FreshBooks' documented request wrappers. Enroll a FreshBooks OAuth bearer-token connection named freshbooks; no credential is embedded in the manifest. FreshBooks uses account_id for accounting endpoints and business_id for projects, services, and time tracking; both are discoverable from the identity endpoint. The pack intentionally excludes deletes, payment mutation/collection flows, online payment setup, invoice/estimate attachments, project/service mutation, reports, staff/admin settings, webhooks, arbitrary API passthrough, and any endpoint outside api.freshbooks.com.

pack:freshbooksfreshbooksaccountingbookkeeping
by Recued CoreCertified v1 1 item Pack
Freshdesk Ticket Reply Closure Loop

Workflow pack for Recued-sent Freshdesk public replies. It composes the Freshdesk capability pack with a closure ledger: send one public ticket reply through the existing Freshdesk approval gate, optionally set a configured Freshdesk numeric status such as Pending, persist only the connection/ticket reply-watch linkage in data.shared, and let a scheduled watcher re-read that exact ticket until Freshdesk reports Resolved/Closed or an owner-actionable status such as Open. This pack does not replace Freshdesk automations, dispatch rules, Observer/Supervisor rules, SLA policy, ticket views, native notifications, or helpdesk queue rules; it adds Recued-visible closure state for tickets Recued replied to.

pack:freshdesk-ticket-reply-closurefreshdesksupporthelpdesk
by Recued CoreCertified v1 3 items Pack
Support - Freshdesk

API capability pack for bounded Freshdesk v2 helpdesk operations. Enroll a freshdesk API connection with base_url set to the tenant API root, for example https://example.freshdesk.com/api/v2, and Basic auth using the API key as username with X as password. The pack reads the current agent, agents, groups, roles, contacts, companies, tickets, ticket conversations, ticket fields, canned response folders/responses, solution categories/folders/articles, products, and time entries for daily support operations. Bundled recipes provide a scheduled ticket triage digest, an AI-assisted ticket review brief, an approval-gated customer reply/internal note workflow, and an approval-gated ticket intake workflow. Writes are approval-gated and limited to creating one ticket, updating one ticket's common status/assignment/priority fields, adding one reply, or adding one private note. Deletes, restore, bulk updates, watchers, attachment binary upload/download, scenario automation, dispatch rules, SLA/admin settings, contact/company mutation, time tracking mutation, portal/theme mutation, and arbitrary Freshdesk endpoints are intentionally not exposed.

pack:freshdeskfreshdesksupporthelpdesk
by Recued CoreCertified v1 5 items Pack
Front Conversation Reply Reopen Loop

Workflow pack for Recued-sent Front customer replies. It composes the Front capability pack with a reopen ledger: send one customer reply through the existing Front approval gate, persist only the connection/conversation/event-baseline linkage in data.shared, and let a scheduled watcher re-read that exact conversation and latest events until Front reports archived/spam/trashed/deleted, a resolved ticket category, or a newer owner-actionable event such as inbound, reopen, or delivery error. This pack does not replace Front Rules, reminders, time-goal rules, required tagging, native notifications, inbox routing, webhooks, application triggers, or teammate workflows; it adds Recued-visible closure/reopen state for conversations Recued replied to.

pack:front-conversation-reply-reopenfrontsupportshared-inbox
by Recued CoreCertified v1 3 items Pack
GitHub Issue Closure Loop

Workflow pack for Recued-created GitHub issues. It composes the GitHub capability pack with a closure ledger: create one owner-approved issue in one repository, persist only the connection/repository/issue linkage in data.shared, and let a scheduled watcher re-read that exact issue until GitHub reports it closed. This pack does not replace GitHub issue state controls, issue views, project boards, milestones, native notifications, webhooks, pull request review, or general issue reporting; it adds Recued-visible closure state for issues Recued created.

pack:github-issue-closuregithubissuesdeveloper-workflow
by Recued CoreCertified v1 2 items Pack
Shared Inbox - Front

API capability pack for bounded Front Core API operations against https://api2.frontapp.com only. Enroll a front connection as a bearer token or OAuth bearer token; no credential is embedded in this manifest. The pack reads token identity, teammates, teams, inboxes, channels, contacts, accounts, conversations, messages, comments, tags, links, statuses, rules, views, custom fields, knowledge bases, knowledge base articles/categories, and message templates for daily shared-inbox, support, and customer-ops workflows. Bundles a scheduled inbox triage digest, an AI-assisted conversation investigation brief, an approval-gated customer reply workflow, and an approval-gated conversation status update workflow. Approval-gated writes are limited to contact/account maintenance, account-contact membership, notes, conversation creation/update/assignment/replies/comments/followers/tags/reminders/seen status, tag and link maintenance, knowledge base content/category/article updates, and message-template maintenance. Permanent deletes, attachment downloads/uploads, analytics exports/reports, custom-channel inbound/imported message ingestion, inbox/channel/admin permission changes, teammate/group/team provisioning, webhooks, application triggers, rule automation mutation, signatures, shifts/time off, bulk imports, and arbitrary Front endpoints are intentionally not exposed.

pack:frontfrontsupportshared-inbox
by Recued CoreCertified v1 5 items Pack
Google Drive Storage

Google Drive storage capability pack for the SMB-finance wedge (and any folder-watch lane). By-value entity_platform composition over the Drive REST v3 API: list a folder's files, read a file's metadata, download file bytes straight into the warehouse CAS, export Google Workspace documents as PDFs, list comments, and inspect revision history. It also supports approval-gated daily file organization: rename a file, move a file between folders, copy a file, create folders, and add one file comment. The download/export -> file_ref handoff feeds docling (document.to_markdown materializes the file_ref to a temp file), so a receipts/invoices folder in Drive becomes a parse-ready intake lane. Reads flow after connection grant; writes ask. Bind a Google connection once (OAuth 2.0 via your own Google Cloud app, drive.readonly + drive.file scopes) and assign a dish. Media-bytes upload, trash/delete, permission sharing, label mutation, arbitrary comment edit/delete, revision mutation, and Google Docs content editing remain excluded.

pack:gdrivestoragegoogle-drivegdrive
by Recued CoreCertified v1 1 item Pack
GitHub CLI Pack

V3 bounded GitHub CLI read capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local gh CLI ingredient exposes fixed operations for client readiness, GitHub.com auth status, repository summary, issue list/view, pull request list/view, and latest release metadata. Remote operations require approval because they use the executor's existing gh configuration and authentication, contact GitHub.com, and can reveal private repository metadata, issue/PR bodies, labels, authors, release metadata, account names, token scopes, or network path. The pack scopes repository selectors to github.com/{owner}/{repo}, pins JSON field lists, caps list limits at 100, and exposes no gh api, create/edit/delete/merge/comment/review commands, web browser launch, arbitrary jq/template expressions, arbitrary host selection, caller-supplied gh flags, environment override, stdin, output-file write, or shell wrapper. Requires gh on PATH and an appropriate GitHub CLI authentication state for private resources.

pack:ghghgithubcli
by Recued CoreCertified v1 1 item Pack
Ghostscript Pack

V3 deterministic PDF rendering and compaction capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local Ghostscript CLI ingredient exposes readiness, bounded PDF compaction through pdfwrite, and first-page PNG rendering. Fixed-function and reproducible: the executor materializes the source PDF and owns the throwaway output directory, while Ghostscript writes fixed output files that are captured as result.file_ref. Write-tier but approval=never: Ghostscript writes only under an engine-managed output dir, runs with -dSAFER, exposes no arbitrary flags, no PostScript snippets, no password argument, no printer routing, no URL fetch, and never streams PDF bytes through op-step values. Requires the gs binary on PATH (Debian/Ubuntu: apt install ghostscript; macOS: brew install ghostscript). Local and no-egress. Use qpdf for structural PDF rewrites/linearization; use Ghostscript here for raster previews and lossy/loss-aware pdfwrite compaction.

pack:ghostscriptghostscriptgspdf
by Recued CoreCertified v1 1 item Pack
Git Diff Pack

V3 deterministic no-index diff capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local git CLI compares two source files with git diff --no-index and writes a patch file via the file.diff_no_index catalog operation. Fixed-function and reproducible: the executor materializes an ordered file_ref array into discrete argv elements, owns the throwaway output directory, git writes a fixed diff.patch result, and exit codes 0 (no differences) and 1 (differences found) are both successful. Requires git on PATH (Debian/Ubuntu: apt install git; macOS: git is commonly installed with developer tools). Local and no-egress.

pack:git-diffgitdiffcli
by Recued CoreCertified v1 1 item Pack
Docs - Google Docs

API capability pack for bounded Google Docs API v1 calls against https://docs.googleapis.com/v1 only. Reads one document by ID, creates one blank document by title, and approval-gates semantic text insertion and template replacement workflows through Docs batchUpdate request shapes. Bundles a document review brief, a meeting-notes creator, and a template-field fill workflow. Enroll a Google OAuth bearer connection named google with the narrowest Docs or Drive file scopes needed for the installed operations. The pack intentionally excludes Drive file search, export/import, sharing and permissions, comments, arbitrary Drive calls, delete operations, style/image/table/suggestion mutation, header/footer mutation, arbitrary Docs API passthrough, and unbounded document export.

pack:google-docsgoogle-docsdocsdocuments
by Recued CoreCertified v1 4 items Pack
GitHub Issue Comment Closure Loop

Workflow pack for Recued-created GitHub issue comments. It composes the GitHub capability pack with a closure ledger: add one owner-approved Markdown comment to an existing GitHub issue, persist only the connection/repository/issue/comment linkage in data.shared, and let a scheduled watcher re-read that exact issue until GitHub reports it closed. This pack does not replace GitHub issue comments, native notifications, issue state controls, project boards, milestones, webhooks, or general issue reporting; it adds Recued-visible closure state for issue comments Recued created.

pack:github-issue-comment-closuregithubissuescomments
by Recued CoreCertified v1 2 items Pack
CI Failure Handoff Loop - GitHub + Linear

Workflow pack that closes the loop between exception-scoped GitHub Actions failures and owner-approved Linear follow-up work. It depends on the GitHub and Linear capability packs, detects one recent unhandled failed workflow run at a time, writes a data.shared proposal, notifies the owner, provides a manual action recipe that either creates the Linear issue and links it back to the GitHub workflow run or dismisses the proposal, and watches created Linear issues until they reach a terminal state. It excludes pull-request-attached runs by default because Linear Reviews already surfaces PR checks and CI-failure notifications. It does not replace GitHub Actions notifications, GitHub workflow logs, rerun controls, branch protection, Linear's GitHub integration, Linear PR automation, or GitHub issue syncing; use it only when those normal paths are insufficient and Recued-visible cross-system closure state is needed.

pack:github-linear-ci-failure-handoffgithubgithub-actionslinear
by Recued CoreCertified v1 1 item Pack
GitHub Pack

V3 capability pack for bounded GitHub REST calls against https://api.github.com only. The pack covers daily repository work: current-user identity, accessible repository lookup, notification and assigned-issue triage, issue lookup/update/comments, pull request lookup/create/update plus review context, commit/branch/release lookup, and GitHub Actions workflow run/job/check status. It also bundles an assigned-work digest, an AI-assisted pull request review brief, and approval-gated issue creation workflow. The bundled recipes only use issue.create as a write. Mutating operations are write-tier and approval-gated; destructive, admin, secret, collaborator, branch-protection, merge, rerun, dispatch, and cancel surfaces are intentionally excluded.

pack:githubgithubissuespull-requests
by Recued CoreCertified v1 4 items Pack
GitLab Issue Note Closure Loop

Workflow pack for Recued-created GitLab issue notes. It composes the GitLab capability pack with a closure ledger: add one owner-approved public note to an existing GitLab issue, persist only the connection/project/issue/note linkage in data.shared, and let a scheduled watcher re-read that exact issue until GitLab reports it closed. This pack does not replace GitLab issue comments, native notifications, issue state controls, boards, milestones, webhooks, or general issue reporting; it adds Recued-visible closure state for issue notes Recued created.

pack:gitlab-issue-note-closuregitlabissuesnotes
by Recued CoreCertified v1 2 items Pack
Code Projects - GitLab

API capability pack for bounded GitLab.com REST calls against https://gitlab.com only. The pack covers daily project work: current-user identity, project and issue lookup, issue updates and comments, merge request lookup/create/update/comments, branch and commit visibility, pipeline and job status, and release status. It also bundles a scheduled project triage digest, an AI-assisted merge request review brief, and approval-gated issue creation workflow. The bundled recipes only use issue.create as a write. Enroll a GitLab personal access token or OAuth access token connection; no credential is embedded in the manifest. Mutating operations are write-tier and approval-gated. The pack intentionally excludes repository file writes, commit creation, branch/tag mutation, merge/approve actions, pipeline trigger/retry/cancel/play actions, job trace and artifact downloads, release creation/update/delete, runner/admin APIs, and arbitrary passthrough.

pack:gitlabgitlabissuesmerge-requests
by Recued CoreCertified v1 4 items Pack
Gitleaks Pack

V3 deterministic local secret-scan capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local gitleaks CLI ingredient exposes bounded project operations for readiness and redacted filesystem secret scans. The local gitleaks CLI scans one source path as ordinary files and writes a redacted JSON report via the security.scan_secrets catalog operation. Bundles a manual scan recipe and a scheduled project secret-scan workflow so users can turn trusted folders into recurring local security checks. Fixed-function and reproducible: filesystem dir scan mode only, no generic git command, no history log options, no caller-supplied config/baseline path, and no arbitrary flags. The executor materializes CAS file refs when present and owns the throwaway output directory, while gitleaks writes a fixed gitleaks.json report captured as result.file_ref. Requires gitleaks on PATH (Debian/Ubuntu: apt install gitleaks). Local and no-egress.

pack:gitleaksgitleaksclisecurity
by Recued CoreCertified v1 3 items Pack
Email - Gmail

API capability pack for bounded Gmail API v1 operations against https://gmail.googleapis.com. Enroll a Google OAuth bearer connection named google with the narrowest Gmail scopes needed for the installed operations; Gmail scopes can be restricted and may require Google app verification. Reads the current mailbox profile, labels, messages, message metadata, attachments, threads, mailbox history deltas, drafts, filters, send-as identities, forwarding addresses, and mailbox settings for auto-forwarding, IMAP, POP, language, and vacation responder state. It also bundles a scheduled inbox digest, an AI-assisted thread review brief, and approval-gated vacation responder update workflow. Writes are approval-gated and limited to creating/updating labels, modifying labels on one message or thread, creating/updating/sending one RFC 2822 raw draft, sending one RFC 2822 raw message, creating filters without forwarding actions, deleting one filter, patching send-as display/reply-to/signature/default metadata, sending a send-as verification email, and updating vacation responder settings. The bundled recipes only use settings.vacation.update as a write. The pack intentionally excludes arbitrary API passthrough, permanent delete, trash/untrash, batch modify/delete, import/insert, watch/stop Pub/Sub, forwarding/delegation mutation, forwarding-address mutation, S/MIME, IMAP/POP/language/auto-forwarding mutation, filter forwarding actions, attachments upload, and domain/admin Gmail APIs.

pack:gmailgmailgoogle-workspaceemail
by Recued CoreCertified v1 4 items Pack
Go Pack

V3 Go toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local go CLI ingredient exposes bounded project operations for readiness, project Go environment context, go.mod JSON inspection, local package discovery, module dependency inventory, tests, and vet diagnostics. All project operations run from an explicit project directory cwd supplied at execution time, use readonly module resolution where package/module loading is involved, avoid caller-supplied Go flags, avoid shell wrappers, and keep diagnostics visible as structured output. Test, vet, and dependency inventory operations are approval-gated because the Go toolchain can compile project code, may invoke cgo/toolchain helpers, may execute test code, may contact module sources if dependencies are missing from cache, and may write build/test/module cache state. Requires go on PATH.

pack:gogogolangtest
by Recued CoreCertified v1 1 item Pack
Revenue Intelligence - Gong

API capability pack for bounded read-only Gong operations against https://api.gong.io. Enroll a gong API connection for Gong API access; Gong access keys use Basic Authentication, and OAuth bearer-token grants must carry the per-operation scopes noted below. The pack reads calls, call details, call insight slices, transcripts, users, user settings history, workspaces, public library folders, folder call lists, keyword trackers, scorecards, answered scorecards, user activity stats, and interaction stats. It intentionally does not expose call upload, media replacement/download URL retrieval, users-access mutation, privacy erasure, webhook/configuration writes, CRM upload, or arbitrary API passthrough.

pack:gonggongsalesrevenue-intelligence
by Recued CoreCertified v1 1 item Pack
Analytics - Google Analytics

API capability pack for bounded Google Analytics Data API operations against https://analyticsdata.googleapis.com only. Reads GA4 metadata, compatible dimensions and metrics, standard report rows, and realtime report rows for daily website traffic, page, source, event, conversion, and active-user review. Enroll a Google OAuth bearer connection named google with Analytics readonly scope; no credential is embedded in the manifest. Google Analytics Admin APIs, property mutation, audience export creation/querying, report-task creation, BigQuery export, arbitrary Google APIs, and arbitrary API passthrough are intentionally not exposed.

pack:google-analyticsgoogle-analyticsga4analytics
by Recued CoreCertified v1 1 item Pack
Calendar - Google Calendar

API capability pack for bounded Google Calendar API v3 calls against https://www.googleapis.com/calendar/v3 only. Reads the user's calendar list, calendar metadata, bounded event windows, individual events, and free/busy blocks. Bundles a scheduled daily agenda digest, an AI-assisted event prep brief, an approval-gated focus block creator, and an approval-gated event reschedule workflow. Enroll a Google OAuth bearer connection named google with the narrowest Calendar scopes needed for the installed operations. The pack intentionally excludes ACL/sharing mutation, secondary calendar creation/deletion/clear, watch channels, colors/settings/admin resources, event import, conference creation, attachments, arbitrary API passthrough, and unbounded event export.

pack:google-calendargoogle-calendarcalendarevents
by Recued CoreCertified v1 5 items Pack
Google Drive File Comment Closure Loop

Workflow pack for Recued-created Google Drive file comments. It composes the Google Drive capability pack with a closure ledger: add one comment to an existing Drive file through the existing approval gate, persist only the connection/file/comment linkage in data.shared, and let a scheduled watcher re-read that exact comment until Drive reports it resolved or deleted. This pack does not replace Google Drive comments, native Drive notifications, document review dashboards, permission workflows, comment resolution controls, or general file-status reporting; it adds Recued-visible closure state for file comments Recued created.

pack:google-drive-file-comment-closuregoogle-drivegdrivecomments
by Recued CoreCertified v1 2 items Pack
Forms - Google Forms

API capability pack for bounded Google Forms API v1 calls against https://forms.googleapis.com only. Reads form metadata, response pages, individual responses, and watch registrations for daily lead intake, surveys, registrations, applications, customer feedback, and lightweight operations workflows. Approval-gates creating a blank form with title and optional Drive document title, plus setting the form publish state so API-created forms can be made usable after Google Forms' June 30, 2026 unpublished-default change. Enroll a Google OAuth bearer connection named google; no credential is embedded in the manifest. The pack intentionally excludes arbitrary batchUpdate, question/item mutation, quiz grading mutation, response submission, watch creation/renewal/deletion, Drive sharing/deletion, linked-sheet creation, arbitrary Google APIs, and arbitrary API passthrough.

pack:google-formsgoogle-formsformssurveys
by Recued CoreCertified v1 1 item Pack
Meet - Google Meet

API capability pack for bounded Google Meet API v2 calls against https://meet.googleapis.com/v2 only. Reads and creates meeting spaces, searches and reads conference records, reads participants, participant sessions, recording metadata, transcript metadata, and transcript entries, and approval-gates ending one active conference in a Meet space. Bundles a governed Meet link creator, a post-meeting artifact brief, and an approval-gated active-conference end workflow. Enroll a Google OAuth bearer connection named google with the narrowest Meet scopes needed for the installed operations. The pack intentionally excludes Google Calendar event scheduling, Drive recording downloads, Docs transcript downloads, live media capture, Meet Media API streams, space settings patch, co-host management, attendance-report file retrieval, webhooks, admin controls, arbitrary resource-name passthrough, and arbitrary API passthrough.

pack:google-meetgoogle-meetmeetmeetings
by Recued CoreCertified v1 4 items Pack
SEO - Google Search Console

API capability pack for bounded Google Search Console operations against https://searchconsole.googleapis.com only. Reads accessible properties, search analytics rows, sitemap status, and URL inspection results for daily website and SEO operations; approval-gates sitemap submit/delete after site deploys or sitemap cleanup. Enroll a Google OAuth bearer connection named google with Search Console scopes; no credential is embedded in the manifest. Site add/remove, ownership verification, mobile-friendly testing screenshots, arbitrary Google APIs, and arbitrary API passthrough are intentionally not exposed.

pack:google-search-consolegoogle-search-consolesearch-consoleseo
by Recued CoreCertified v1 1 item Pack
Spreadsheets - Google Sheets

API capability pack for bounded Google Sheets API v4 calls against https://sheets.googleapis.com/v4 only. Reads spreadsheet metadata, sheet tabs, and one A1/R1C1 value range for daily tracker, CRM-lite, finance, lead-list, and operations spreadsheet workflows. Approval-gates creating one spreadsheet, appending raw values to one range, updating raw values in one range, and copying one sheet tab to another spreadsheet. Enroll a Google OAuth bearer connection named google; no credential is embedded in the manifest. The pack intentionally excludes arbitrary batchUpdate, formatting, formulas as USER_ENTERED input, clear/delete operations, data-filter mutation, protected range mutation, pivot/chart/table mutation, developer metadata mutation, Drive sharing, imports/exports, and arbitrary API passthrough.

pack:google-sheetsgoogle-sheetsspreadsheetsheets
by Recued CoreCertified v1 1 item Pack
Slides - Google Slides

API capability pack for bounded Google Slides API v1 calls against https://slides.googleapis.com/v1 only. Reads one presentation by ID, reads a thumbnail for one known slide, creates one blank presentation by title, and approval-gates semantic slide creation and template text replacement through Slides batchUpdate request shapes. Bundles a deck review brief, a status-deck creator, and a template-field fill workflow. Enroll a Google OAuth bearer connection named google with the narrowest Slides or Drive file scopes needed for the installed operations. The pack intentionally excludes Drive file search, export/import, sharing and permissions, arbitrary Drive calls, delete operations, image/video/table/chart insertion, speaker-note mutation, arbitrary Slides API passthrough, and unbounded presentation export.

pack:google-slidesgoogle-slidesslidespresentations
by Recued CoreCertified v1 4 items Pack
Google Tasks Task Closure Loop

Workflow pack for Recued-created Google Tasks tasks. It composes the Google Tasks capability pack with a closure ledger: create one owner-approved active task in an existing task list, persist only the connection/list/task linkage in data.shared, and let a scheduled watcher re-read that exact task until Google Tasks reports completion. This pack does not replace Google Tasks due dates, reminders, list organization, task moves, assignment-source behavior, hidden/deleted task handling, clear-completed cleanup, daily planning, or general task dashboards; it adds Recued-visible closure state for Google Tasks tasks Recued created.

pack:google-tasks-task-closuregoogle-tasksgoogletodo
by Recued CoreCertified v1 2 items Pack
Tasks - Google Tasks

API capability pack for bounded Google Tasks API v1 calls against https://tasks.googleapis.com only. Reads task lists, individual task lists, bounded task pages, and individual tasks for daily to-do review, follow-up capture, project lists, client lists, reminders, and solo-operator work queues. Bundles scheduled daily planning, approval-gated task capture, and approval-gated task completion recipes on top of the raw capability surface. Approval-gates creating and renaming task lists, creating tasks, editing basic task fields, setting task status, and moving tasks between positions or lists. Enroll a Google OAuth bearer connection named google with Tasks scopes; no credential is embedded in the manifest. The pack intentionally excludes task deletion, task-list deletion, clear-completed, full PUT replacement, arbitrary body passthrough, assignment-source mutation, hidden/deleted mutation, link mutation, batch requests, arbitrary Google APIs, and arbitrary API passthrough.

pack:google-tasksgoogle-taskstaskstodo
by Recued CoreCertified v1 4 items Pack
GPG Verify Pack

V3 deterministic OpenPGP signature verification capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local gpgv CLI verifies one trusted local file path against a detached signature and trusted keyring via signature.verify. This pack uses gpgv, not generic gpg, so it is verification-only: no signing, import, trustdb mutation, keyserver access, or key management workflow. The operation is exit-code-only; a zero exit code means the signature verified. Requires gpgv on PATH (Debian/Ubuntu: apt install gpgv; macOS: install GnuPG). Local and no-egress.

pack:gpg-verifygpgvopenpgpsignature
by Recued CoreCertified v1 1 item Pack
Gradle Pack

V3 Gradle CLI toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local gradle CLI ingredient exposes bounded project operations for readiness, verification, and test execution. Project operations run from an explicit project directory cwd supplied at execution time, disable the daemon, use a plain console, limit warning noise, avoid caller-supplied tasks/properties/profiles/init scripts/settings/build files/modules, avoid project wrapper scripts and shell wrappers, and keep diagnostics visible as text output. Verification and test operations are approval-gated because Gradle may resolve dependencies and plugins, execute build scripts and plugins, compile project code, run tests or verification tasks, and write build directories or Gradle cache state. Requires gradle on PATH.

pack:gradlegradlejavakotlin
by Recued CoreCertified v1 1 item Pack
Recruiting ATS - Greenhouse

API capability pack for bounded Greenhouse Harvest v3 operations against https://harvest.greenhouse.io/v3. Enroll a Greenhouse Harvest v3 OAuth bearer connection named greenhouse with candidate, application, job, job-post, opening, offer, interview, scorecard, user, office, department, and note access. The pack reads recruiting pipeline records for hiring operations digests, candidate evidence briefs, job readiness review, interview and scorecard follow-up, offer tracking, and recruiting operations reporting. It bundles a scheduled recruiting digest, AI-assisted candidate and job briefs, and approval-gated workflows for creating one candidate profile and adding one candidate note. Writes are limited to one candidate or note at a time. The pack intentionally excludes candidate deletes, candidate merges, anonymization, application hire/reject/move/convert actions, offer creation or mutation, job/opening/job-post mutation, department/office/user administration, attachment uploads or downloads, bulk endpoints, OAuth token generation, webhooks, and arbitrary Greenhouse API passthrough.

pack:greenhousegreenhouseatsrecruiting
by Recued CoreCertified v1 6 items Pack
Fast AI Inference - Groq

API capability pack for bounded Groq REST API operations against https://api.groq.com only. Enroll a Groq API key bearer connection named groq; no credential is embedded in this manifest. The pack reads the model catalog, creates non-streaming chat completions, creates bounded Responses API generations, creates text embeddings, and reads batch/file metadata for low-latency LLM workflows, structured output review, semantic-search preparation, model inventory, and operations monitoring. Generation and embedding calls are non-persistent read-tier inference calls that consume Groq quota but do not create durable customer resources through this pack. The pack intentionally excludes streaming, tool calls, tool_choice routing, functions, MCP-connected tools, built-in browser/code/web-search tools, Compound custom tool configuration, arbitrary extra body/query/header passthrough, batch creation or cancelation, file upload/download/delete, model deletion, fine-tuning, multipart audio transcription/translation, binary speech generation, credential management, dynamic outbound callbacks, and any operation outside api.groq.com.

pack:groqgroqaillm
by Recued CoreCertified v1 5 items Pack
gzip Pack

V3 bounded gzip inspection capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local gzip CLI ingredient exposes fixed operations for readiness, gzip stream integrity testing, compact gzip metadata listing, and verbose gzip metadata listing. The pack deliberately does not expose compression or decompression output because this gzip implementation writes compressed/decompressed bytes to stdout or mutates source-adjacent files; neither fits the current file-ref output contract without shell redirection. File operations accept one gzip path or materialized file_ref, capture only metadata or exit status, and expose no stdout payload bytes, source-adjacent writes, recursive mode, suffix override, force mode, original-name restore, arbitrary flags, caller-supplied environment override, stdin, output-file write, or shell wrapper. Requires gzip on PATH.

pack:gzipgzipclicompression
by Recued CoreCertified v1 1 item Pack
Hadolint Pack

V3 deterministic Dockerfile lint capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local hadolint CLI ingredient exposes bounded project operations for readiness and Dockerfile lint diagnostics. Lints run from an explicit project directory cwd supplied at execution time, check one trusted local Dockerfile path, and return JSON diagnostics via the dockerfile.lint catalog operation. Fixed-function and reproducible: no arbitrary hadolint flags, no caller-supplied config path, no ignore-rule hole, no trusted-registry override, no shell wrapper, no Docker image execution, and no network egress. Lint findings are represented as JSON output instead of failing the op; real invocation errors still fail. Requires hadolint on PATH. Local and no-egress.

pack:hadolinthadolintdockerfilecontainer
by Recued CoreCertified v1 1 item Pack
Time Tracking - Harvest

API capability pack for bounded Harvest API v2 operations against https://api.harvestapp.com/v2 only. Reads company settings, the current user, clients, projects, tasks, and time entries for daily solo-business time tracking. Writes cover approval-gated client, project, task, and time-entry create/update/start/restart/stop operations for ordinary timesheet setup and cleanup. Enroll a Harvest personal access token or OAuth access token connection as bearer auth; no credential is embedded in the manifest. Each operation requires the Harvest account id as the documented Harvest-Account-Id request header. The pack intentionally excludes invoice/estimate/expense/report APIs, users, deletion, approvals, admin configuration, project assignments, external-reference deletion, and arbitrary API passthrough.

pack:harvestharvesttime-trackingtimesheets
by Recued CoreCertified v1 1 item Pack
Helm Pack

V3 Helm CLI capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local helm CLI ingredient exposes bounded Kubernetes chart operations for readiness, strict chart linting, and local manifest rendering. Project operations run from an explicit project directory cwd supplied at execution time, accept only a trusted relative local chart path, avoid caller-supplied Helm flags, avoid shell wrappers, and never expose install, upgrade, uninstall, rollback, repo, dependency build/update, package, push, pull, registry credentials, kubeconfig, kube-context, namespace, values files, set overrides, cluster validation, or cluster mutation. Lint findings and render diagnostics are returned as inspectable text. Requires helm on PATH.

pack:helmhelmkubernetescharts
by Recued CoreCertified v1 1 item Pack
Help Scout Conversation Reply Closure Loop

Workflow pack for Recued-sent Help Scout public replies. It composes the Help Scout capability pack with a closure ledger: send one public conversation reply through the existing Help Scout approval gate, set a configured Help Scout status such as pending in the same reply, persist only the connection/conversation reply-watch linkage in data.shared, and let a scheduled watcher re-read that exact conversation until Help Scout reports closed/spam or an owner-actionable status such as active/open. This pack does not replace Help Scout Workflows, manual workflows, inbox rules, mailbox/admin settings, webhook automation, native notifications, or helpdesk queue rules; it adds Recued-visible closure state for conversations Recued replied to.

pack:helpscout-conversation-reply-closurehelpscoutsupporthelpdesk
by Recued CoreCertified v1 3 items Pack
Support Inbox - Help Scout

API capability pack for bounded Help Scout Inbox API v2 operations. Enroll a Help Scout OAuth2 bearer connection named helpscout for https://api.helpscout.net/v2. The pack reads inboxes, folders, conversations, conversation threads, customers, users, teams, tags, and conversation-volume reports, and bundles support workflows for inbox triage, conversation review, customer replies/internal notes, and conversation intake. Writes are approval-gated and limited to creating one conversation, adding one customer reply, or adding one internal note at a time. Deletes, attachment upload/download, tag mutation, custom-field replacement, workflow execution or updates, user provisioning, webhook mutation, Docs API, Beacon/chat APIs, mailbox/admin settings, exports, bulk mutation, and arbitrary Help Scout endpoints are intentionally not exposed. No credential is embedded in the manifest.

pack:helpscouthelpscoutsupporthelpdesk
by Recued CoreCertified v1 5 items Pack
Deployments - Heroku

API capability pack for bounded Heroku Platform API operations against https://api.heroku.com only. Enroll a Heroku OAuth or API-token bearer connection named heroku; no credential is embedded in this manifest. The pack reads account metadata, apps, dynos, formations, releases, builds, domains, pipelines, pipeline couplings, teams, spaces, regions, stacks, dyno sizes, and app add-on inventory for deployment operations, runtime investigation, release readiness, rollback review, and infrastructure inventory. Approval-gated writes are limited to creating one app, creating one build from one source blob URL, canceling one build, creating one domain, restarting or stopping selected dynos/formations, scaling one formation, and rolling back one release. The pack intentionally excludes app/domain/team/space/pipeline/add-on deletion, config-var value reads or writes, account mutation/deletion, billing and invoices, OAuth token/client/grant administration, SSH keys, team membership/invitations/permissions, add-on provisioning and plan mutation, private-space networking changes, log-session URL creation, log-drain mutation, app webhooks, ACM mutation, app transfer, arbitrary one-off dyno command creation, and arbitrary Heroku API passthrough.

pack:herokuherokuhostingdeployments
by Recued CoreCertified v1 10 items Pack
hledger Pack

V3 deterministic plain-text accounting report pack. By-value connector composition (service_kind=cli, no separate ingredient): the local hledger CLI reads one journal file and emits fixed text reports via ledger.balance_report and ledger.income_statement catalog operations. Fixed-function and reproducible: the executor materializes the source journal and owns the throwaway output directory, while hledger writes fixed report files captured as result.file_ref. Write-tier but approval=never: hledger writes only to an engine-managed output dir, exposes no arbitrary query/filter/report expression, and journal bytes never flow through op-step values. Requires hledger on PATH (Debian/Ubuntu: apt install hledger). Local and no-egress.

pack:hledgerhledgercliledger
by Recued CoreCertified v1 1 item Pack
HubSpot

The HubSpot vendor pack — bundles the `hubspot-catalog` D-165 catalog ingredient so every HubSpot Tier-P op (`recued-core.hubspot.deal.read`, `contact.search`, `company.read`, `deal.create`, …) resolves against one installed binding. Vendor-specific recipes declare `depends_on: ["recued-core.hubspot"]` and read HubSpot records RAW (`{{step.deal.result.properties.hs_*}}`) — the catalog op owns only how a recipe-named property folds into the request query (D-182 §3 Tier-P, decision-b). It also bundles the HubSpot augmentation producers/alerts (deal health + velocity signals, closing-soon + low-engagement + new-inquiry notifications) and the contact-maintenance write recipes — each binds its op-steps against this pack's own catalog at install (D-182 §3 first-party self-reference). Installs the catalog dormant until each recipe's HubSpot connection variable is bound to an enrolled connection (Settings → Connections); every call then runs through the D-165 gateway (operation-level risk/grant/approval + per-call audit). Cross-vendor canonical recipes live in `recued-core.crm` instead.

pack:hubspotcrmhubspotvendor
by Recued CoreCertified v1 3 items Pack
AI Hub - Hugging Face

API capability pack for bounded Hugging Face Hub REST API operations against https://huggingface.co only. Enroll a Hugging Face user access token bearer connection named huggingface; no credential is embedded in this manifest. The pack reads Hub quicksearch, trending items, documentation search, model and dataset tag catalogs, Spaces hardware, collections, Daily Papers, Paper Pages, repository trees, commits, refs, security scans, and discussions for AI model, dataset, Space, and research discovery workflows. It bundles a Hub discovery brief, a model repository readiness brief, a Daily Papers digest, and approval-gated workflows for creating one repository discussion or one collection. Writes are limited to creating one collection or one repository discussion. The pack intentionally excludes repo create, move, delete, commit, upload, preupload, branch, tag, settings, and super-squash operations; Xet, JWT, registry, and service-account token endpoints; secrets, variables, volumes, billing, webhooks, organization admin, and access-grant/request/report endpoints; paper comments, claims, indexing, and link mutation; collection patch/delete/item mutation; arbitrary file resolve/download endpoints; and arbitrary Hugging Face API passthrough.

pack:huggingfacehuggingfaceaimodels
by Recued CoreCertified v1 6 items Pack
jq Pack

V3 deterministic JSON validation and fixed-query capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local jq CLI exposes readiness, JSON validation, pretty formatting, top-level key extraction, sorted key listing, document length, and object key-existence checks. This pack deliberately does not expose arbitrary jq filters, module loading, raw input, slurp mode, file/program filters, library paths, or environment overrides. json.validate materializes a file_ref and captures no stdout/stderr; value-returning operations are path-based because requested JSON content or metadata is returned on stdout. Requires jq on PATH (Debian/Ubuntu: apt install jq; macOS: brew install jq). Local and no-egress.

pack:jqjqclijson
by Recued CoreCertified v1 1 item Pack
ImageMagick Pack

V3 deterministic image-bridge capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local ImageMagick CLI (magick) ingredient exposes bounded operations for readiness, supported-format discovery, first-frame image identification, PNG conversion, auto-orientation, aspect-preserving resize, thumbnail generation, metadata stripping, and grayscale PNG derivation. The image parse-in bridge of the media toolkit turns formats the model cannot read (HEIC / TIFF / BMP / camera-raw) into PNG and can inspect dimensions/format before conversion. Fixed-function and reproducible: conversion and identification happen locally before any model sees the content; no shell wrapper, no arbitrary ImageMagick flags, no display/import/capture commands, no MSL/conjure, no profile editing, no remote URL fetch options, and no caller-controlled output path. File-ref operations write only into an engine-managed throwaway temp dir, capture result.file_ref, and remove the temp dir after capture. Requires the ImageMagick v7 binary (magick) on PATH. Part of the Lane-1 media toolkit alongside whisper (transcribe) and ffmpeg (extract audio).

pack:imagemagickimagemagickmagickcli
by Recued CoreCertified v1 1 item Pack
Incident Response - incident.io

API capability pack for bounded incident.io REST API operations against https://api.incident.io only. Reads API-key identity, incidents, incident updates, actions, follow-ups, severities, incident statuses, users, teams, schedules, and escalations, and supports approval-gated incident creation/editing plus action and follow-up creation/update. Bundles an operations digest, incident and follow-up triage briefs, and approval-gated workflows for incident intake, incident field edits, action creation, and follow-up creation. Enroll an incident.io API-key connection named incidentio that injects Authorization: Bearer <api-key> with the narrowest incident.io roles needed for the installed operations. The pack intentionally excludes deletes, API-key rotation, incident membership revocation, status page mutation, schedule/config mutation, escalation creation/cancelation, catalog mutation, admin/security APIs, workflows, webhooks, audit logs, and arbitrary API passthrough.

pack:incidentioincidentioincident.ioincidents
by Recued CoreCertified v1 8 items Pack
Intercom Conversation Reply Closure Loop

Workflow pack for Recued-sent Intercom customer replies. It composes the Intercom capability pack with a closure ledger: send one public admin comment through the existing Intercom approval gate, persist only the connection/conversation reply-watch linkage in data.shared, and let a scheduled watcher re-read that exact conversation until Intercom reports a configured closure state or a customer-waiting owner-review signal after the Recued reply. This pack does not replace Intercom Workflows, Rules, snooze/reopen/close automation, assignment/routing, SLAs, native notifications, webhooks, or teammate workflows; it adds Recued-visible closure state for conversations Recued replied to.

pack:intercom-conversation-reply-closureintercomsupportconversation
by Recued CoreCertified v1 2 items Pack
Support - Intercom

API capability pack for bounded Intercom support, customer, ticket, and Help Center operations against https://api.intercom.io using Intercom API version 2.15. Enroll an intercom API connection as bearer auth or OAuth bearer auth; no credential is embedded in the manifest. The pack reads admins, teams, contacts, companies, conversations, tickets, tags, segments, data attributes, contact/company notes, and Help Center articles for daily support triage, and approval-gates customer/profile maintenance, notes, replies, assignment/open/close/snooze workflow actions, tagging, and ticket creation/update. It also bundles a scheduled conversation triage digest, an AI-assisted conversation/customer review brief, and approval-gated conversation reply workflow. The bundled recipes only use conversation.reply as a write. Deletes, redaction, archive/block/merge, subscription changes, article publishing, tag creation/deletion, admin away-mode changes, data-attribute writes, IP allowlist/admin settings, and arbitrary Intercom endpoints are intentionally not exposed.

pack:intercomintercomsupporthelpdesk
by Recued CoreCertified v1 4 items Pack
Jest Pack

V3 JavaScript/TypeScript test-run capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local jest CLI ingredient exposes bounded project operations for readiness and exact-path test execution. Test runs execute from an explicit project directory cwd supplied at execution time, accept one trusted exact test file path, return plain test output, avoid caller-supplied Jest flags, avoid shell wrappers, and keep test failures visible as text output. Fixed invocation, but approval-gated: Jest loads project config, environments, transforms, setup files, runners, serializers, and test code, so the run may execute arbitrary project Node code. The pack uses CI behavior, exact-path test selection, serial execution, cache disabled, colors disabled, no watch mode, no snapshot update, no caller-supplied config/root/project/reporter/output-file/coverage/watch/debug/changed/randomize/seed/test-name/environment/runner/transform/cache-clear/notification surface, no stdin, no environment override, and no arbitrary command execution. Requires jest on PATH.

pack:jestjestjavascripttypescript
by Recued CoreCertified v1 1 item Pack
Jira Issue Closure Loop

Workflow pack for Recued-created Jira issues. It composes the Jira capability pack with a closure ledger: create one owner-approved Jira issue in one configured cloud/project, persist only the connection/cloud/project/issue linkage in data.shared, and let a scheduled watcher re-read that exact issue until Jira reports the issue has reached the Done status category. This pack does not replace Jira workflow transitions, assignments, boards, sprints, automations, native notifications, webhooks, comments, worklogs, labels, due dates, or general issue reporting; it adds Recued-visible closure state for Jira issues Recued created.

pack:jira-issue-closurejiraatlassianissues
by Recued CoreCertified v1 2 items Pack
Jira Issue Comment Closure Loop

Workflow pack for Recued-created Jira issue comments. It composes the Jira capability pack with a closure ledger: add one owner-approved Atlassian Document Format comment to an existing Jira issue, persist only the connection/cloud/issue/comment linkage in data.shared, and let a scheduled watcher re-read that exact issue until Jira reports the issue has reached the Done status category. This pack does not replace Jira issue comments, native notifications, workflow transitions, assignments, boards, sprints, automations, webhooks, or general issue reporting; it adds Recued-visible closure state for issue comments Recued created.

pack:jira-issue-comment-closurejiraatlassianissues
by Recued CoreCertified v1 2 items Pack
Work Tracking - Jira

API capability pack for bounded Jira Cloud issue-tracking operations through Atlassian OAuth at https://api.atlassian.com only. Lists accessible Atlassian resources to discover cloud IDs, reads the current Jira user, searches assignable users, searches projects and issues, reads fixed personal issue queues, reads Jira Software boards and sprints, reads one issue, reads/adds comments, lists/performs workflow transitions, assigns and edits one issue, and reads/adds worklogs. Bundles a scheduled personal issue digest, an AI-assisted issue review brief, and an approval-gated issue intake workflow. This is intended for daily personal, team, and one-person-company work-tracking workflows: triage assigned or reported issues, review recently updated work, inspect board/sprint context, leave follow-up notes, move work through status, assign ownership, update basic issue fields, and log work. Enroll an Atlassian OAuth access token connection as bearer auth; no credential is embedded in the manifest. Writes are approval-gated. The pack intentionally excludes deletes, bulk mutation, project/admin configuration, board/sprint creation or mutation, permissions changes, attachments, watchers/votes, issue links, remote links, notifications, comment/worklog edits, arbitrary JQL mutation, and arbitrary Jira endpoint passthrough.

pack:jirajiraatlassianissues
by Recued CoreCertified v1 4 items Pack
Forms and Intake - Jotform

API capability pack for bounded Jotform API operations against https://api.jotform.com. Enroll a Jotform API key connection named jotform with form, submission, report, and webhook read access plus write access only when approval-gated form, question, submission, or report workflows are installed. The pack reads account profile and usage, forms, questions, submissions, reports, uploaded-file metadata, and webhook registrations for intake operations, lead routing, support triage, application review, compliance intake, and campaign response workflows. It bundles a scheduled intake submission digest, AI-assisted submission and form readiness briefs, and approval-gated workflows for creating one form, adding one form question, submitting one response, and creating one report. Writes use Jotform's documented form-encoded body shapes and are limited to one target resource at a time. The pack intentionally excludes deletes, submission updates, form clone, folder and label mutation, user settings mutation, webhook creation or deletion, uploaded file download, user registration/login/logout, OAuth token endpoints, and arbitrary Jotform API passthrough.

pack:jotformjotformformsintake
by Recued CoreCertified v1 8 items Pack
JPEGOptim Pack

V3 deterministic JPEG optimization capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local jpegoptim CLI writes an optimized copy of one JPEG into an engine-owned output directory via image.optimize_jpeg. This pack deliberately avoids in-place mutation by using jpegoptim's --dest option. Write-tier but approval=never: jpegoptim writes only under {out_dir} and the optimized JPEG is captured as result.file_ref. Requires jpegoptim on PATH (Debian/Ubuntu: apt install jpegoptim; macOS: brew install jpegoptim). Local and no-egress.

pack:jpegoptimjpegoptimcliimage
by Recued CoreCertified v1 1 item Pack
Checkout Payments - Klarna

API capability pack for bounded Klarna Payments API v1 operations against the Europe live host https://api.klarna.com. Enroll a klarna API connection as HTTP Basic authentication using Klarna merchant API credentials; no credential is embedded in the manifest. The pack creates, reads, and updates Klarna payment sessions, then creates one order from one authorization token after checkout. Writes are approval-gated. It intentionally excludes authorization cancellation, customer-token creation, tokenized recurring charges, order-management capture/refund/cancel/update actions, Hosted Payment Page distribution, webhooks, regional host switching, and arbitrary API passthrough.

pack:klarnaklarnapaymentscheckout
by Recued CoreCertified v1 5 items Pack
Marketing Automation - Klaviyo

API capability pack for bounded Klaviyo API operations against https://a.klaviyo.com only, pinned to revision 2026-04-15. Reads accounts, profiles, lists, segments, tags and tag groups, campaigns and messages, flows and flow messages, templates, metrics, events, reporting queries, and catalog items/variants/categories for daily ecommerce marketing work. Approval-gated writes are limited to one-profile create/import/update/merge, list create/update and explicit profile membership changes, tag create/update and explicit tag assignments, one event create, campaign send/cancel and recipient-estimate jobs, and flow status updates. Enroll a Klaviyo private API key connection that injects Authorization: Klaviyo-API-Key ... or an equivalent OAuth bearer/header connection; no credential is embedded in the manifest. The pack intentionally excludes profile deletion, suppression/subscription bulk jobs, campaign/template/flow creation or deletion, template editing, catalog mutation, webhooks, client public-key APIs, reviews client APIs, data-privacy deletion, push-token mutation, custom objects, bulk imports/exports, and arbitrary API passthrough.

pack:klaviyoklaviyoemailmarketing
by Recued CoreCertified v1 1 item Pack
Kubeconform Pack

V3 Kubernetes manifest validation capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local kubeconform CLI ingredient exposes bounded Kubernetes manifest operations for readiness and schema validation. Project operations run from an explicit project directory cwd supplied at execution time, accept only a trusted relative manifest file or directory plus one Kubernetes version, avoid caller-supplied kubeconform flags, avoid shell wrappers, and keep diagnostics visible as JSON output. Validation uses strict mode, summary, JSON output, and the default schema location only; it exposes no stdin, ignore pattern, skip/reject list, schema-location override, schema cache path, insecure TLS, debug profile, environment override, or arbitrary command execution. Approval is ask because kubeconform may download schemas over HTTP(S) for the requested Kubernetes version. Requires kubeconform on PATH.

pack:kubeconformkubeconformkubernetesmanifests
by Recued CoreCertified v1 1 item Pack
kubectl Pack

V3 kubectl CLI capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local kubectl CLI ingredient exposes bounded Kubernetes developer operations for client readiness, local kubeconfig inspection, and local Kustomize rendering. Client/config operations do not contact a Kubernetes API server; the redacted config view deliberately uses --raw=false and approval=ask because even non-raw kubeconfig metadata can reveal local cluster and user names. Project operations run from an explicit project directory cwd supplied at execution time, accept only a trusted relative kustomization directory, avoid caller-supplied kubectl flags, avoid shell wrappers, and never expose apply, diff, delete, get, exec, logs, port-forward, rollout, live cluster reads/writes, raw kubeconfig secrets, caller-supplied kubeconfig/context/namespace, output-file writes, alpha plugins, Helm inflator enablement, function network mode, function mounts, environment override, or arbitrary command execution. Kustomize render output and diagnostics are returned as inspectable text. Requires kubectl on PATH.

pack:kubectlkubectlkustomizekubernetes
by Recued CoreCertified v1 1 item Pack
Feature Flags - LaunchDarkly

API capability pack for bounded LaunchDarkly REST API operations against https://app.launchdarkly.com only. Reads projects, environments, feature flags, flag statuses, and audit log entries, and supports approval-gated feature flag creation plus semantic flag on/off updates. Bundles a scheduled release flag digest, an AI-assisted flag change brief, and approval-gated turn-flag-on / turn-flag-off workflows. Enroll a LaunchDarkly API-key connection named launchdarkly that injects the Authorization header with the narrowest permissions needed for the installed operations. The pack intentionally excludes flag deletion/archive/restore, targeting rule edits, variations, prerequisites, segments, contexts, members, teams, custom roles, account settings, SDK keys, webhooks, integrations, data export destinations, relay proxy configuration, approvals review, and arbitrary API passthrough.

pack:launchdarklylaunchdarklyfeature-flagsrelease-management
by Recued CoreCertified v1 5 items Pack
Recruiting ATS - Lever

API capability pack for bounded Lever Data API v1 operations against https://api.lever.co/v1. Enroll a Lever API key Basic Auth connection or OAuth bearer connection named lever with opportunity, posting, interview, feedback, note, offer, requisition, source, stage, tag, and user access. The pack reads recruiting pipeline records for hiring operations digests, opportunity evidence briefs, posting readiness review, interview and feedback follow-up, offer tracking, and recruiting operations reporting. It bundles a scheduled recruiting digest, AI-assisted opportunity and posting briefs, and approval-gated workflows for creating one opportunity and adding one opportunity note. Writes are limited to one opportunity or note at a time. The pack intentionally excludes file uploads, file/resume/offer downloads, candidate-path deprecated endpoints, opportunity stage/archive/link/tag/source mutation, panel/interview creation or mutation, feedback mutation, offer creation or mutation, posting/requisition/user administration, webhooks, OAuth token generation, and arbitrary Lever API passthrough.

pack:leverleveratsrecruiting
by Recued CoreCertified v1 6 items Pack
LibreOffice Pack

V3 deterministic office-conversion capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local LibreOffice soffice CLI ingredient exposes readiness plus fixed conversions from office documents to PDF, UTF-8 text, and HTML. Fixed-function and reproducible: the executor materializes the source file and owns the throwaway output directory, while soffice writes converted artifacts there and each result is captured as result.file_ref. Write-tier but approval=never: soffice writes only under an engine-managed output dir, exposes no arbitrary flags, macros, printer routing, template paths, remote URLs, or caller-supplied output paths, and never streams document bytes through op-step values. Requires the soffice binary on PATH (Debian/Ubuntu: apt install libreoffice-writer-nogui or libreoffice-writer; macOS: install LibreOffice and expose soffice). Local process, no shell, no intentional network egress.

pack:libreofficelibreofficesofficecli
by Recued CoreCertified v1 1 item Pack
Linear Issue Closure Loop

Workflow pack for Recued-created Linear issues. It composes the Linear capability pack with a closure ledger: create one owner-approved issue in one Linear team, optionally attach it to a configured project, persist only the connection/team/project/issue linkage in data.shared, and let a scheduled watcher re-read that exact issue until Linear reports it completed or canceled. This pack does not replace Linear workflow states, issue views, project views, cycles, roadmaps, native notifications, automations, comments, or general issue reporting; it adds Recued-visible closure state for issues Recued created.

pack:linear-issue-closurelinearissuescollaboration
by Recued CoreCertified v1 2 items Pack
Linear Issue Comment Closure Loop

Workflow pack for Recued-created Linear issue comments. It composes the Linear capability pack with a closure ledger: add one owner-approved Markdown comment to an existing Linear issue, persist only the connection/issue/comment linkage in data.shared, and let a scheduled watcher re-read that exact issue until Linear reports it completed or canceled. This pack does not replace Linear comments, native notifications, issue workflow states, project views, reminders, roadmaps, or general issue reporting; it adds Recued-visible closure state for issue comments Recued created.

pack:linear-issue-comment-closurelinearissuescomments
by Recued CoreCertified v1 2 items Pack
Work Tracking - Linear

API capability pack for bounded Linear GraphQL operations against https://api.linear.app only. Reads the current user, workspace users, teams, workflow states, projects, project updates, cycles, labels, issues, and issue comments for solo software work queues, bug triage, roadmap follow-up, and customer-feedback-to-issue workflows. It also exposes fixed daily views for assigned issues, created issues, blocked issues, active cycles, and next cycles without arbitrary GraphQL passthrough. Bundles a scheduled my-work digest, an AI-assisted issue/project brief, and an approval-gated issue intake workflow. Enroll a Linear personal API key or OAuth access token connection; no credential is embedded in the manifest. Writes are limited to creating or updating one issue, moving one issue to an explicit workflow state, and adding one issue comment, all approval-gated. The pack intentionally excludes arbitrary GraphQL, deletes, archive/unarchive, issue sharing/subscriptions, label writes, reminders, imports, admin configuration, webhooks, documents, releases, initiatives, customers, and project mutations.

pack:linearlinearissuesprojects
by Recued CoreCertified v1 4 items Pack
LP Print Pack

V3 local print capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local CUPS lp CLI submits a source document to a configured printer queue via the document.print catalog operation. This is a physical side-effecting operation: it can disclose document contents and consume paper/ink, so it is write-tier and approval=ask. The source can be a data.file ref or a trusted local path; the printer arg is editable so a recipe can prefill the user's default queue while the approval gate can override it before release. Requires CUPS client tools and a configured printer queue on PATH (Debian/Ubuntu: apt install cups-client; macOS: lp is built in with CUPS). Local and no-egress beyond the configured local/network printer transport.

pack:lplpcupscli
by Recued CoreCertified v1 1 item Pack
Mail Commitment Proposal Loop

Core-only workflow pack for turning filtered inbound mail into Recued commitments. The producer is fail-closed by default until the owner configures subject or sender allow terms; matching mail is then read, extracted into one likely commitment, and persisted only as a small proposal ledger row in data.shared. The manual recipe creates the Recued commitment after the owner chooses to run it. This pack does not send email, depend on an external CRM or task vendor, create vendor work, or scan the full mailbox by default: it adds a deterministic filter and approval step between email and Recued-native commitments.

pack:mail-commitment-proposalemailmailcommitment
by Recued CoreCertified v1 1 item Pack
Mail Task Proposal Loop

Core-only workflow pack for turning filtered inbound mail into Recued tasks. The producer is fail-closed by default until the owner configures subject or sender allow terms; matching mail is then read, extracted into one likely owner task, and persisted only as a small proposal ledger row in data.shared. The manual recipe creates the Recued task after the owner chooses to run it. This pack does not send email, depend on an external work tracker, create vendor tasks, or replace the inbox: it adds a deterministic filter and approval step between email and Recued-native work.

pack:mail-task-proposalemailmailtask
by Recued CoreCertified v1 1 item Pack
Email Marketing - Mailchimp

API capability pack for bounded Mailchimp Marketing API 3.0 operations. The default egress base is https://us1.api.mailchimp.com/3.0; enroll a Mailchimp connection named mailchimp with HTTP Basic auth using the API key as the password, and set the connection base_url to the account data-center host such as https://us21.api.mailchimp.com/3.0 when it is not us1. Reads account health, audiences, members, tags, notes, segments, merge fields, campaigns, campaign content, send checklists, campaign feedback, reports, templates, automations, and ecommerce store/customer/order/product metadata. Bundles a scheduled audience health digest, an AI-assisted campaign performance brief, and an approval-gated campaign draft workflow. Writes are approval-gated and limited to one audience, member, tag update, event, note, segment, merge field, campaign draft/content/feedback, template, ecommerce store, ecommerce customer, or ecommerce product at a time. Subscriber detail/tag/note routes use Mailchimp's documented subscriber_hash value, the MD5 hash of the lowercase email address. The pack intentionally excludes arbitrary API passthrough, batch operations, campaign send/schedule/cancel/pause/resume, SMS sends, automation start/pause/archive, destructive deletes including permanent subscriber deletion, webhook mutation, OAuth token exchange, file uploads, and admin/billing operations.

pack:mailchimpmailchimpemailmarketing
by Recued CoreCertified v1 4 items Pack
Email Deliverability - Mailgun

API capability pack for bounded Mailgun US API calls against https://api.mailgun.net only. Reads domains, DNS verification records, tracking and queue state, delivery events, domain and tag stats, tags, templates, suppression lists, mailing lists, list members, and inbound routes; can trigger one domain verification, remove one suppression record, and remove one mailing-list member. Enroll a Mailgun Basic Auth connection with username api and the API key as password; no credential is embedded in the manifest. Writes are approval-gated. The pack intentionally excludes EU-host calls, email sending, MIME/message attachment retrieval, domain/list/template/route create-update-delete, bulk suppression imports/clears, webhook/IP/admin management, and arbitrary API passthrough.

pack:mailgunmailgunemaildeliverability
by Recued CoreCertified v1 1 item Pack
Make Test Pack

V3 generic project test-run capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local make CLI ingredient exposes bounded project operations for readiness and fixed-target test execution. Test runs execute the fixed test target from one explicit project directory cwd and return plain make output via the project.test_run catalog operation. Fixed invocation, but approval-gated: Makefiles can execute arbitrary project commands, compilers, scripts, containers, network clients, and test code, and may write project or cache state. The pack exposes no caller-supplied target, variables, makefile path, directory flag, job control, environment override, stdin, or shell wrapper; it runs exactly make test in the declared cwd. Test failures and make diagnostics are represented as text results so the caller can inspect the output. Requires make on PATH.

pack:make-testmakemakefileproject
by Recued CoreCertified v1 1 item Pack
Make Pack

API capability pack for bounded Make API v2 operations. Enroll a make API connection with Authorization: Token <api-token> and set base_url to the user's Make zone API root, such as https://eu1.make.com/api/v2, https://eu2.make.com/api/v2, https://us1.make.com/api/v2, https://us2.make.com/api/v2, or a Celonis Make zone. The pack reads and manages user-owned automation resources: organizations, teams, variables, users, scenarios, scenario folders, blueprints, logs, executions, connections, hooks, templates, data stores, data structures, keys, custom-function metadata, RPC calls, notifications, incomplete executions, and analytics. The pack keeps account/admin and code-writing surfaces narrow; writes and execution-like calls are approval-gated. It intentionally excludes billing/subscription/payment mutation, password reset flows, admin-only White Label/platform administration, SDK app publishing, SSO certificates, devices, arbitrary API passthrough, and endpoints whose main purpose is account takeover or platform administration rather than daily automation operations.

pack:makemakemake.comautomation
by Recued CoreCertified v1 1 item Pack
markdownlint Pack

V3 Markdown lint capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local markdownlint CLI ingredient exposes bounded project operations for readiness and Markdown lint diagnostics. Lints run from an explicit project directory cwd supplied at execution time, check one trusted Markdown file, directory, or glob, and return JSON findings via the markdown.lint catalog operation. Fixed-function and reproducible at the invocation boundary: JSON output, no fix mode, no output-file write, no stdin, no caller-supplied config path, no custom rules, no caller-supplied ignore path, no arbitrary markdownlint flags, no shell wrapper, and no network egress. The command disables MD013 line-length noise to make the pack useful for prose-heavy docs by default; remaining findings are represented as successful JSON output. Requires markdownlint on PATH. Local and no-egress.

pack:markdownlintmarkdownlintmarkdowndocs
by Recued CoreCertified v1 1 item Pack
MarkItDown Pack

V3 deterministic document-to-Markdown capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local markitdown CLI converts one source document into Markdown via the document.to_markdown catalog operation. This is a lighter alternative to docling for simple office/document inputs. Write-tier but approval=never: markitdown writes only to an engine-managed throwaway output dir and the Markdown is captured as result.file_ref; source bytes and converted text never flow through op-step stdout values. Requires markitdown on PATH (Python environments: pip install markitdown==0.1.3 or a compatible installed CLI). Local and no-egress; Document Intelligence and plugin flags are not exposed.

pack:markitdownmarkitdownclidocument
by Recued CoreCertified v1 1 item Pack
Maven Pack

V3 Maven CLI toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local mvn CLI ingredient exposes bounded project operations for readiness, compile checking, and test execution. Project operations run from an explicit project directory cwd supplied at execution time, use Maven batch mode, suppress transfer progress and snapshot update checks, avoid caller-supplied Maven goals/profiles/properties/settings/toolchains/module selectors, avoid wrapper scripts and shell wrappers, and keep diagnostics visible as text output. Compile and test operations are approval-gated because Maven may resolve dependencies and plugins, execute build plugins, compile project code, run tests, and write target directories or local Maven cache entries. Requires mvn on PATH.

pack:mavenmavenjavajunit
by Recued CoreCertified v1 1 item Pack
Subscription Billing - Maxio

API capability pack for bounded Maxio Advanced Billing REST operations. Enroll a maxio connection with base_url set to the tenant site host, for example https://acme.chargify.com for US sites or https://acme.ebilling.maxio.com for EU sites; the manifest uses https://example.chargify.com as the template host following the tenant-host pack pattern. The connection must use Maxio Basic Auth with API key as username and x as password. Reads site settings, revenue stats, MRR, customers, subscriptions, products, product families, components, subscription components, allocations, usages, invoices, credit notes, coupons, and events for billing operations, subscription support, usage billing, and revenue review. Approval-gated writes are limited to creating one customer, creating one subscription, previewing or creating one invoice, creating one usage record, creating one component allocation, applying one coupon, or removing one coupon at a time. The pack intentionally excludes arbitrary endpoint passthrough, payment profile and raw card/bank handling, refunds, external payment recording, invoice void/reopen/issue/send actions, customer/subscription/product/component/coupon deletion or archival, site clearing, webhooks, API key administration, event-based-billing bulk ingestion, subscription purge, and destructive cleanup workflows.

pack:maxiomaxioadvanced-billingsubscription-billing
by Recued CoreCertified v1 9 items Pack
Media Transcribe & Summarize

Turn recorded audio and video into staged notes and action items - the workflow over the media toolkit. transcribe-audio-to-notes runs a recorded audio file through the local whisper tool (audio -> transcript file ref) and summarizes it; transcribe-video-to-notes runs the full chain, extracting the audio track with the local ffmpeg tool first (video -> audio file ref) then transcribing and summarizing; transcribe-audio-to-actions extracts concrete action items from the transcript and optionally writes them as Recued tasks; transcribe-audio-to-commitments extracts explicit commitments (who promised what to whom) from the transcript and optionally writes them to Recued's commitment tracker; transcribe-media-watch is the Drive-folder source lane - it polls a Google Drive folder for new audio or video recordings, downloads each straight into the warehouse CAS, runs the full extract-audio -> transcribe -> summarize chain, and stages a transcript + summary note (the manual single-file lanes are the transcribe-audio/video-to-notes recipes). All are preview-first - they stage a note or show the action items and write nothing until asked. Every handoff is a Gateway-gated data.file ref, so the media bytes and the transcript text never flow through op-step values - the model reads the transcript by ref as a document content part (so it needs a document-capable model). The audio/video analog of the smb-invoice-finance intake pack (docling parse -> extract -> stage). Depends on the whisper and ffmpeg tool packs, plus the personal-organizer-foundation pack for the work-entity task/commitment substrate the action-items and commitments recipes write to. Long recordings can exceed the 90s foreground cap per tool call (they ride a detached execution path when it lands).

pack:media-transcribemediaaudiovideo
by Recued CoreCertified v1 5 items Pack
MediaInfo Pack

V3 deterministic media-metadata capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local mediainfo CLI ingredient exposes readiness, supported-parameter discovery, human-readable media inspection, and JSON metadata for one trusted local media/document path. The metadata operations are read-only and path-based stdout values because the metadata itself is the requested output; they intentionally do not combine file_ref materialization with stdout capture. Requires mediainfo on PATH (Debian/Ubuntu: apt install mediainfo; macOS: brew install media-info). Local and no-egress; no shell wrapper, arbitrary MediaInfo flags, recursive directory scan, remote URL fetch, or file output path is exposed.

pack:mediainfomediainfoclimedia
by Recued CoreCertified v1 1 item Pack
Meeting Notes To Action

One-person-company workflow pack that turns normalized meeting notes into visible action candidates, with optional writes to Recued tasks and commitments. It depends on the docling pack for local document parsing and the organizer foundation for the work-entity substrate.

pack:meeting-notes-to-actionmeeting-notesdoclingdocument
by Recued CoreCertified v1 1 item Pack
Endpoint Security - Microsoft Defender for Endpoint

API capability pack for bounded Microsoft Defender for Endpoint operations against https://api.security.microsoft.com. Enroll a Microsoft Defender for Endpoint OAuth bearer connection named microsoft-defender with least-privilege WindowsDefenderATP API permissions for the installed operations. The pack reads alerts, machines, machine-related alerts, logon users, machine actions, exposure score, security recommendations, and vulnerability information for endpoint security triage, vulnerability review, and incident response context. It bundles a scheduled endpoint security digest, an AI-assisted machine investigation brief, and approval-gated workflows for isolating one machine, releasing one machine from isolation, or updating one alert. The pack intentionally excludes advanced hunting query passthrough, live response, offboarding, antivirus scan actions, file quarantine/stop actions, package collection, cancel action, machine tag mutation, indicator creation/deletion, alert creation, bulk alert update, raw tenant export/download endpoints, arbitrary Defender API passthrough, and credential-bearing fields in operation arguments.

pack:microsoft-defender-endpointmicrosoft-defender-endpointdefender-for-endpointmicrosoft-defender
by Recued CoreCertified v1 6 items Pack
Identity Governance - Microsoft Entra ID

API capability pack for bounded Microsoft Entra ID operations through Microsoft Graph at https://graph.microsoft.com/v1.0 only. Enroll a Microsoft Graph OAuth bearer connection named microsoft with least-privilege Graph scopes for the installed operations. The pack reads users, groups, group members, applications, service principals, directory audit logs, and sign-in logs for access governance, offboarding review, and identity incident triage. It bundles a scheduled access hygiene digest, an AI-assisted user access brief, and approval-gated workflows for disabling/enabling one user and adding/removing one user from one group. The pack intentionally excludes user creation/deletion, password reset/change, MFA/authentication method mutation, role/admin assignment, app credential/secret/key mutation, application/service-principal creation or deletion, conditional access/policy mutation, device deletion, license assignment, mailbox/file/calendar surfaces, arbitrary Graph passthrough, and beta endpoints.

pack:microsoft-entramicrosoft-entraentra-idmicrosoft-graph
by Recued CoreCertified v1 7 items Pack
Endpoint Management - Microsoft Intune

API capability pack for bounded Microsoft Intune endpoint-management operations through Microsoft Graph at https://graph.microsoft.com/v1.0 only. Enroll a Microsoft Graph OAuth bearer connection named microsoft with least-privilege Intune Graph scopes for the installed operations. The pack reads managed devices, detected apps, compliance policies, device configuration profiles, mobile apps, and Intune audit events for device compliance triage, endpoint inventory review, and help-desk action context. It bundles a scheduled device compliance digest, an AI-assisted device brief, and approval-gated workflows for syncing one managed device or remotely locking one managed device. The pack intentionally excludes wipe, retire, delete, reboot, shutdown, passcode recovery or reset, activation-lock bypass, lost-mode, remote assistance, Windows Defender scan/signature actions, Autopilot mutation, app or policy mutation, role/admin changes, beta endpoints, arbitrary Graph passthrough, and credential-bearing fields in operation arguments.

pack:microsoft-intunemicrosoft-intuneintunemicrosoft-graph
by Recued CoreCertified v1 5 items Pack
Microsoft To Do Task Closure Loop

Workflow pack for Recued-created Microsoft To Do tasks. It composes the Microsoft To Do capability pack with a closure ledger: create one owner-approved task in an existing task list, persist only the connection/list/task linkage in data.shared, and let a scheduled watcher re-read that exact task until Microsoft To Do reports completion. This pack does not replace Microsoft To Do reminders, categories, checklist items, linked resources, daily digests, Outlook task surfaces, shared-list permissions, attachments, open extensions, or general task dashboards; it adds Recued-visible closure state for To Do tasks Recued created.

pack:microsoft-todo-task-closuremicrosoft-todomicrosoft-graphmicrosoft-365
by Recued CoreCertified v1 2 items Pack
Tasks - Microsoft To Do

API capability pack for bounded Microsoft To Do operations through Microsoft Graph at https://graph.microsoft.com/v1.0 only. Enroll a Microsoft Graph OAuth bearer connection named microsoft with the narrowest Graph Tasks scopes needed for the installed operations. Reads the current user, To Do task lists, tasks, checklist items, and linked resources. Bundles a scheduled task-list digest, an AI-assisted task brief, and an approval-gated task intake workflow with optional checklist items and linked source metadata. Writes are approval-gated and limited to creating a task list, creating/updating one task, creating/updating checklist items, and creating linked resources. The pack intentionally excludes task/list/checklist deletes, attachments, open extensions, delta-sync cursors, shared-mailbox/user impersonation routes, Outlook category mutation, reminders/recurrence templates beyond raw task fields, and arbitrary Microsoft Graph passthrough.

pack:microsoft-todomicrosoft-todotodomicrosoft-graph
by Recued CoreCertified v1 4 items Pack
Minisign Verify Pack

V3 deterministic Minisign verification capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local minisign CLI ingredient exposes readiness plus fixed detached-signature verification with an inline public key, a trusted public-key file, or strict prehashed-signature mode. This pack is verification-only: no signing, key generation, key recreation, password changes, secret-key access, arbitrary flags, content output passthrough, or shell wrappers. Verification operations are exit-code-only; a zero exit code means the signature verified. Requires minisign on PATH (Debian/Ubuntu: apt install minisign; macOS: brew install minisign). Local and no-egress.

pack:minisignminisignsignatureverify
by Recued CoreCertified v1 1 item Pack
Whiteboard Collaboration - Miro

API capability pack for bounded Miro REST API operations against https://api.miro.com only. Enroll a miro OAuth bearer connection; no credential is embedded in this manifest. The pack reads OAuth token context, boards, board members, board items, sticky notes, text, shapes, cards, app cards, frames, connectors, document/image/embed URL items, tags, and groups for collaborative planning, workshop capture, and design-to-execution workflows. Approval-gated writes are limited to creating/copying/updating boards, sharing or changing access for explicit board members, moving items, creating/updating common board items, creating/updating connectors, creating/updating tags, and creating/updating URL-backed document/embed/image items. Deletes, local file uploads, bulk item creation from files, OAuth token revocation, SCIM, org/team/user/group administration, enterprise audit/content logs, board exports, legal holds, data-classification administration, app metrics, experimental APIs, webhooks, and arbitrary Miro endpoints are intentionally not exposed.

pack:miromirowhiteboardcollaboration
by Recued CoreCertified v1 1 item Pack
AI Platform - Mistral

API capability pack for bounded Mistral AI REST API operations against https://api.mistral.ai only. Enroll a Mistral API key bearer connection named mistral; no credential is embedded in this manifest. The pack reads model metadata, non-streaming chat completion responses, text embeddings, moderation results, classification results, file metadata, batch jobs, fine-tuning jobs, and agent metadata for AI model evaluation, prompt review, safety checks, retrieval preparation, and operations monitoring. It bundles a chat completion brief, a safety and classification brief, a scheduled model/job operations digest, and approval-gated workflows for canceling one batch job or one fine-tuning job. Writes are limited to canceling one existing batch job or one existing fine-tuning job. The pack intentionally excludes streaming endpoints, file upload/content/url/delete operations, OCR and audio upload/speech endpoints, workflow execution and scheduling, admin APIs, connectors and connector credentials, observability dataset mutation, RAG index mutation, library/document mutation, agent creation or update, fine-tuning create/start/archive/delete, batch job creation, arbitrary tool-bearing chat arguments, arbitrary Mistral API passthrough, and dynamic outbound callback routing.

pack:mistralmistralaichat
by Recued CoreCertified v1 6 items Pack
Payments & Reconciliation - Mollie

API capability pack for bounded Mollie REST v2 operations against https://api.mollie.com/v2. Enroll a mollie API connection as bearer auth using a Mollie API key, advanced access token, or OAuth access token; no credential is embedded in the manifest. The pack reads payments, methods, customers, customer payments, mandates, subscriptions, balances, settlements, and invoices for payment operations, customer follow-up, and finance reconciliation. Writes are approval-gated and limited to creating one customer or one checkout payment. It intentionally excludes payment cancel/update/release, refund creation, capture mutation, chargeback actions, mandate creation, subscription create/update/cancel, profile method mutation, settlement mutation, token generation, webhooks, OAuth administration, and arbitrary API passthrough.

pack:molliemolliepaymentsreconciliation
by Recued CoreCertified v1 5 items Pack
monday.com Item Update Closure Loop

Workflow pack for Recued-created monday.com item updates. It composes the monday.com capability pack with a closure ledger: add one owner-approved update/comment to an existing monday.com item, persist only the connection/board/item/update linkage in data.shared, and let a scheduled watcher re-read that exact item until monday.com reports the item archived, deleted, or moved into a configured terminal group. Archived or terminal-group items close the Recued row; deleted items are marked for owner review. This pack does not replace monday.com item updates, native automations, notifications, dashboards, groups, status columns, item archive controls, board permissions, WorkForms, docs, or general board reporting; it adds Recued-visible closure state for item updates Recued created.

pack:monday-item-update-closuremondaymonday.comitems
by Recued CoreCertified v1 2 items Pack
Work Management - monday.com

API capability pack for bounded monday.com Platform API GraphQL operations against https://api.monday.com. Enroll a monday connection that injects the documented Authorization bearer token and keep API-Version pinned to 2026-04; this manifest also pins API-Version as a static header on every operation. Reads the current user/account context, workspaces, users, teams, boards, board structure, groups, activity logs, items, item pages, and updates. Bundles a scheduled board digest, an AI-assisted item/board brief, and an approval-gated item intake workflow. Writes are approval-gated and limited to creating one board item, updating one item's column values, moving one item to a group, archiving one item, creating one item update/reply, or creating one board group at a time. The pack intentionally excludes arbitrary GraphQL passthrough, deletes, board creation/deletion, column/schema mutation, automation mutation, app/admin APIs, WorkForms, dashboards/widgets, docs mutation, file upload, bulk import/backfill jobs, notification sends, user invites/removals, permission edits, and account administration.

pack:mondaymondaywork-managementboards
by Recued CoreCertified v1 4 items Pack
MuTool Pack

V3 deterministic MuPDF document-manipulation capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local mutool CLI cleans a PDF, extracts a caller-selected page range into one PDF, or renders the first page to PNG via fixed catalog operations. Write-tier but approval=never: mutool writes only to an engine-managed throwaway output dir and each result is captured as result.file_ref; source PDF bytes never flow through stdout values. Requires mutool on PATH (Debian/Ubuntu: apt install mupdf-tools; macOS: brew install mupdf). Local and no-egress.

pack:mutoolmutoolmupdfcli
by Recued CoreCertified v1 1 item Pack
mypy Pack

V3 Python type-check capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local mypy CLI ingredient exposes bounded project operations for readiness and Python type-check diagnostics. Type checks run from an explicit project directory cwd supplied at execution time, inspect one trusted Python file or directory, and return plain diagnostics via the python.type_check catalog operation. Fixed-function and reproducible: ignores discovered project config, ignores missing third-party imports, disables incremental cache reads, disables cache writes on Unix-like hosts, disables color and summary noise, no daemon, no command/eval string, no module/package selector, no caller-supplied config/plugin/cache path, no install/stubgen/stubtest, no arbitrary mypy flags, no shell wrapper, and no network egress. Type errors are represented as successful text findings; real invocation failures still fail. Requires mypy on PATH. Local and no-egress.

pack:mypymypypythontype-check
by Recued CoreCertified v1 1 item Pack
n8n Pack

Manage n8n through the bounded Public API: workflows, executions, credentials metadata, tags, users, variables, data tables, projects, folders, insights, community packages, source-control pulls, audit reports, and package export. Enroll an n8n API connection with X-N8N-API-KEY and set base_url to the tenant API root, such as https://example.app.n8n.cloud/api/v1 or https://n8n.example.com/api/v1. Enterprise API keys should grant only the listed required_scopes; non-enterprise n8n API keys may have full account access. Pagination is exposed through query.limit and query.cursor because n8n returns a top-level nextCursor token. Package export/import and arbitrary webhook/raw API passthrough are intentionally excluded: export is a POST binary response while current REST pack file capture is GET-only, and import requires multipart binary upload.

pack:n8nn8nautomationworkflow
by Recued CoreCertified v1 1 item Pack
Neon Pack

API capability pack for bounded Neon API v2 operations against https://console.neon.tech/api/v2 only. Enroll a Neon API key bearer connection named neon with the narrowest project, branch, endpoint, database, role, operation, region, and organization read scopes plus explicit write scopes for project rename, preview branch creation, branch rename, and compute start/suspend/restart. No credential is embedded in this manifest. The pack reads current-user context, organizations, regions, projects, branches, compute endpoints, databases, roles, and project operations for developer database operations, preview branch workflows, cost-control checks, and production-readiness reviews. It bundles a project operations digest, an AI-assisted branch readiness brief, and approval-gated workflows for creating one preview branch and suspending one compute endpoint. Writes are limited to one project rename, one branch create/rename, one database create, or one compute start/suspend/restart at a time. The pack intentionally excludes API-key create/revoke, role create/reset/reveal-password, connection URI retrieval, SQL/data API execution, storage object download, project/branch/endpoint/database deletes, branch restore/recover/reset/default changes, snapshots/backup mutation, VPC/project transfer, auth administration, consumption billing changes, OAuth token exchange, and arbitrary Neon API passthrough.

pack:neonneonpostgresdatabase
by Recued CoreCertified v1 5 items Pack
Hosting - Netlify

API capability pack for bounded Netlify REST API operations against https://api.netlify.com/api/v1 by default. Enroll a netlify OAuth or personal-access-token bearer connection; no credential is embedded in the manifest. The pack reads the current user, accounts, account audit events, sites, TLS certificate status, deploys, builds, deployed branches, function bundles, forms, submissions, files, assets, snippets, site metadata, DNS zones and records, split tests, public add-on service metadata, database migration metadata, and database snapshots. Approval-gated writes are limited to one site/deploy/build/cache/env/split-test action at a time: enable or disable a site, cancel/restore/rollback/lock/unlock a deploy, trigger a non-upload build, purge cache for one site or tag set, update or remove one environment variable/value, and create/update/publish/unpublish one branch split test. The pack intentionally excludes deploy creation and file/function upload, build-hook reads or writes, deploy keys, OAuth tickets, account/member/billing mutation, site creation/deletion/update, DNS mutation, form/submission deletes, snippet injection writes, asset uploads/deletes, service instance mutation, AI gateway token reads, database connection-string reads, database create/delete/reset/restore/migration-run operations, agent-runner endpoints, plugin mutation, webhooks, and arbitrary API passthrough.

pack:netlifynetlifyhostingdeploys
by Recued CoreCertified v1 1 item Pack
Geocoding - Nominatim

No-auth API capability pack for occasional address geocoding and reverse geocoding through the public OpenStreetMap Nominatim service. The pack exposes only bounded single-lookup operations against https://nominatim.openstreetmap.org, fixes JSON output, caps search results at five, and sends an identifying User-Agent. This pack is not for bulk or periodic geocoding; cache results and stay within the public service policy.

pack:nominatimgeocodingmapsaddresses
by Recued CoreCertified v1 1 item Pack
Notion Page Comment Closure Loop

Workflow pack for Recued-created Notion page comments. It composes the Notion capability pack with a closure ledger: add one owner-approved comment to an existing Notion page, persist only the connection/page/status-property/comment linkage in data.shared, and let a scheduled watcher re-read that exact page and configured status property until Notion reports a terminal status such as done, complete, completed, closed, or archived, or until the page is in trash. This pack does not replace Notion comments, status properties, native notifications, database views, dashboards, reminders, automations, templates, or project management workflows; it adds Recued-visible closure state for page comments Recued created.

pack:notion-page-comment-closurenotionpagescomments
by Recued CoreCertified v1 2 items Pack
Workspace - Notion

API capability pack for bounded Notion page, block, comment, user, and data-source operations against https://api.notion.com only. The pack uses Notion API version 2026-03-11, reads token identity, workspace users, shared pages/data sources, page properties, page markdown, block children, comments, and one page of data-source entries, searches shared pages/data sources by title, and creates or updates daily workspace content. It also bundles a scheduled workspace digest, an AI-assisted page/data-source brief, and approval-gated page intake workflow. Enroll a Notion personal access token or OAuth access token connection as bearer auth; no credential is embedded in the manifest. Writes are limited to page create/update, appending child blocks, creating/updating comments, and updating one to-do block, all approval-gated. The bundled recipes only use page.create and optional comment.create as writes. The pack intentionally excludes arbitrary fetches, deletes, trash/restore, moving pages, broad block updates beyond to-do content/state, comment delete, file upload flows, admin configuration, and workspace-wide export.

pack:notionnotionworkspacepages
by Recued CoreCertified v1 4 items Pack
npm Pack

V3 npm toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local npm CLI ingredient exposes bounded project operations for readiness, package manifest inspection, lockfile dependency tree inspection, test execution, dependency audit, and CycloneDX SBOM generation. Project operations run from an explicit project directory cwd supplied at execution time, avoid caller-supplied npm flags, avoid shell wrappers, and keep diagnostics visible as text or JSON output. Manifest and lockfile inspection are local and read-only. Test execution is approval-gated because package scripts execute project-defined code. Dependency audit is approval-gated because npm sends dependency inventory to the fixed npm registry. SBOM generation is local and read-only. Requires npm on PATH.

pack:npmnpmjavascriptnodejs
by Recued CoreCertified v1 1 item Pack
OCRmyPDF Pack

V3 deterministic searchable-PDF and OCR-text capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local OCRmyPDF CLI ingredient exposes bounded operations for readiness, searchable-PDF generation, and OCR sidecar text extraction. Bundles a direct searchable-PDF recipe plus a scanned-document notes workflow that chains OCRmyPDF with PDF text extraction and preview-first AI summarization. Fixed-function and reproducible: the executor materializes the source file and owns the throwaway output directory, while OCRmyPDF writes fixed captured outputs. Write-tier but approval=never: OCRmyPDF writes only to engine-managed output dirs, exposes no arbitrary plugin/config flags, no caller-supplied output paths, no deskew/clean/rotate mutators, no force-ocr, no Tesseract config overrides, and source bytes never flow through op-step values. Requires ocrmypdf plus Tesseract language data on PATH (Debian/Ubuntu: apt install ocrmypdf tesseract-ocr-eng). Local and no-egress.

pack:ocrmypdfocrmypdfcliocr
by Recued CoreCertified v1 3 items Pack
Identity Governance - Okta

API capability pack for bounded Okta Management API v1 operations. Enroll an okta API connection with base_url set to the tenant API root, for example https://example.okta.com/api/v1, and authenticate with a scoped OAuth/OIDC bearer token where available; a tightly scoped SSWS-token header connection can also be used when the tenant still relies on API tokens. The pack reads users, user groups, user app links, groups, group members, applications, application users, and System Log events for access governance, offboarding review, and identity incident triage. It bundles a scheduled access hygiene digest, an AI-assisted user access brief, and approval-gated workflows for suspending/unsuspending one user and adding/removing one user from one group. The pack intentionally excludes user creation, deactivation, deletion, password and factor reset flows, authenticator enrollment mutation, role/admin assignment, app assignment mutation, policy/profile/schema mutation, token/session/recovery-factor administration, domain/network/brand/rate-limit/admin APIs, and arbitrary API passthrough.

pack:oktaoktaidentityaccess-governance
by Recued CoreCertified v1 7 items Pack
Ollama Pack

V3 deterministic local-inference capability pack. By-value connector composition (service_kind=cli, no separate service ingredient): the local ollama CLI runs a prompt against a locally-installed model and returns the model's reply as captured text, via the model.run catalog operation. Nothing leaves the machine — the prompt and the reply are processed by a model running on the paired recued-server, so this is the no-egress path for summarizing / rewriting / classifying private content that must never reach a hosted provider. Read-tier and approval=never: a local inference has no durable side effect (it writes nothing, sends nothing) — the reply is captured to the op result's `stdout` field (a string the next step consumes directly). Requires the ollama binary on PATH and the target model already pulled (ollama pull <model>); a missing model fails the run rather than triggering a network download mid-recipe. Distinct from the BYOK / free-pool AI substrate (ai-* functions): this is a raw local subprocess, deliberately chosen when the value proposition is "the bytes stay on this machine," not structured-JSON contracts. Part of the local developer / privacy toolkit.

pack:ollamaollamacliai
by Recued CoreCertified v1 1 item Pack
Files - OneDrive

API capability pack for bounded OneDrive metadata operations through Microsoft Graph at https://graph.microsoft.com/v1.0 only. Reads the current user, current drive, root drive item, drive-item metadata, folder children, root-folder children, root delta changes, file versions, sharing permissions, and followed items. It supports approval-gated daily organization actions: create folders, rename drive items, move drive items within a drive, asynchronously copy drive items, and follow or unfollow drive items. File upload/download, sharing-link creation, permission mutation, delete/trash, conflict-behavior tuning, and arbitrary Microsoft Graph passthrough are intentionally not exposed in this metadata pack. Enroll a Microsoft Graph OAuth access token connection as bearer auth; no credential is embedded in the manifest.

pack:onedriveonedrivemicrosoft-graphfiles
by Recued CoreCertified v1 1 item Pack
Customer Messaging - OneSignal

API capability pack for bounded OneSignal REST API v1 operations against https://onesignal.com/api/v1 only. Enroll a OneSignal app API-key connection named onesignal that injects the Authorization header for the app_key security scheme; no credential is embedded in this manifest. The pack reads notifications, outcomes, users, user identity aliases, legacy player/device records, and subscription context for customer messaging operations. Writes are approval-gated and limited to creating or canceling one notification, creating one segment, creating or updating one user, updating one user identity object, and creating or updating one subscription. The pack intentionally excludes organization/user-key app administration, app create/update, API-key management, Live Activities, CSV export jobs, player/device deletion, segment deletion, user deletion, identity deletion, subscription owner transfer, arbitrary notification history export emails, webhooks, and arbitrary OneSignal API passthrough.

pack:onesignalonesignalmessagingpush
by Recued CoreCertified v1 7 items Pack
Weather - Open-Meteo

No-auth API capability pack for recurring weather lookups through Open-Meteo. The pack exposes fixed current-condition and short forecast calls against https://api.open-meteo.com only; recipes provide latitude and longitude as query parameters, while the pack owns the host, path, weather-variable set, and timezone behavior. No credential is embedded or required.

pack:open-meteoweatherforecastapi
by Recued CoreCertified v1 1 item Pack
AI Platform - OpenAI

API capability pack for bounded OpenAI REST API operations against https://api.openai.com/v1 only. Enroll an OpenAI API key bearer connection named openai; no credential is embedded in this manifest. The pack reads model and file metadata, creates non-streaming Responses API outputs, counts Responses API input tokens, creates embeddings, runs moderation, and reads stored response/input-item metadata for prompt review, safety checks, retrieval preparation, model inventory, and AI operations workflows. It bundles a response brief, an input safety and token readiness brief, an embedding readiness brief, and a scheduled model/file operations digest. The pack intentionally excludes streaming, hosted tool definitions and tool-choice routing, custom function tools, MCP tools, web/file/computer/code interpreter hosted tool execution, image/audio/video generation, realtime sessions, uploads, file content download, file delete, response delete/cancel/compact, vector store mutation, batch and fine-tuning mutation, organization/admin/project APIs, arbitrary OpenAI API passthrough, dynamic outbound callbacks, and any operation outside api.openai.com/v1.

pack:openaiopenaiairesponses
by Recued CoreCertified v1 5 items Pack
AI Router - OpenRouter

API capability pack for bounded OpenRouter REST API operations against https://openrouter.ai/api/v1 only. Enroll an OpenRouter API key bearer connection named openrouter; no credential is embedded in this manifest. The pack reads model, endpoint, provider, current-key, credit, and generation metadata, and creates non-streaming chat completions for model routing, cost review, and AI operations workflows. It bundles a model routing brief, a chat completion brief, and a current-key usage brief. The pack intentionally excludes streaming, Responses/Messages compatibility routes, embeddings, image/audio/video generation, files, presets, guardrails, observability destinations, workspace and member administration, API key creation/update/delete, BYOK management, tools/plugins/server-tool routing, dynamic callback/webhook routing, arbitrary OpenRouter API passthrough, and any operation outside openrouter.ai/api/v1.

pack:openrouteropenrouteraimodel-routing
by Recued CoreCertified v1 4 items Pack
OpenSSL Digest Pack

V3 deterministic file-digest capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local OpenSSL CLI ingredient exposes readiness plus fixed SHA-256, SHA-384, and SHA-512 digest operations. Fixed-function and reproducible: the executor materializes the source file and owns the throwaway output directory, while openssl writes fixed digest text files that are captured as result.file_ref. Write-tier but approval=never: openssl writes only to an engine-managed output dir, and source bytes never flow through op-step values. Recipes cannot call arbitrary OpenSSL subcommands, sign or verify files, compute HMAC/MAC values, pass provider/engine/password options, encrypt/decrypt content, or use shell redirection. Requires the openssl binary on PATH (Debian/Ubuntu: apt install openssl; macOS: openssl or LibreSSL is commonly installed with system tools). Local and no-egress.

pack:openssl-dgstopenssldigestsha256
by Recued CoreCertified v1 1 item Pack
OpenSSL X.509 Pack

V3 deterministic certificate-inspection capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local OpenSSL CLI ingredient exposes readiness plus fixed X.509 inspection, subject, issuer/date, and 30-day expiry gate operations. The operations are path-based stdout text because the inspected certificate fields are the requested value output; this intentionally avoids combining file_ref materialization with value capture. Fixed-function and reproducible: no generic OpenSSL passthrough, no key generation, no signing, no certificate conversion, no CA/micro-CA options, no trust mutation, no password/provider/engine inputs, no network, and no arbitrary flags. Requires openssl on PATH (Debian/Ubuntu: apt install openssl; macOS: openssl or LibreSSL is commonly installed with system tools). Local and no-egress.

pack:openssl-x509opensslx509certificate
by Recued CoreCertified v1 1 item Pack
OSV-Scanner Pack

V3 multi-ecosystem dependency vulnerability scan capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local osv-scanner CLI ingredient exposes bounded project operations for readiness and recursive source dependency vulnerability scanning. The scan accepts one trusted source directory, returns OSV JSON findings, avoids caller-supplied OSV-Scanner flags, avoids shell wrappers, and never exposes guided fix/remediation, container image scan, caller-supplied config paths, HTML server, output-file writes, license-policy scan, call-analysis mode, offline database mutation, or arbitrary command execution. Approval is ask because dependency inventory is matched against OSV vulnerability data. Requires osv-scanner on PATH. Network egress to OSV data services.

pack:osv-scannerosv-scannerosvvulnerability
by Recued CoreCertified v1 1 item Pack
Outbound Follow-Up Loop

End-to-end outbound follow-up workflow pack for one-person companies. It turns Email / Outbox into a repeatable loop: surface outbound threads that may need closure, draft concise follow-ups, send selected drafts through the mail-send approval boundary, and carry loop state through data.shared with links back to the source mail.

pack:outbound-follow-up-responsesoloone-person-companycold-start
by Recued CoreCertified v1 9 items Pack
Email - Outlook Controls

API capability pack for bounded Outlook mailbox-control operations through Microsoft Graph at https://graph.microsoft.com/v1.0 only. Enroll a Microsoft Graph OAuth bearer connection named microsoft with the narrowest Graph scopes needed for the installed operations. Reads the current user, mailbox settings, mail folders, inbox rules, Outlook categories, and Focused Inbox inference overrides. Writes are approval-gated and limited to automatic replies, locale/time/working-hours settings, mail-folder creation/rename/move/copy, inbox rule creation/update/delete with non-forwarding actions, Outlook category creation/update/delete, and Focused Inbox sender override creation/update/delete. The pack intentionally excludes generic message read/search/send/reply/forward/draft flows covered by first-class mail, attachment reads or writes, mailbox delete/permanentDelete, folder delete, rule forwarding/redirect/copy/delete/permanentDelete actions, shared-mailbox admin surfaces, subscriptions/webhooks, extended properties, and arbitrary Microsoft Graph passthrough.

pack:outlookoutlookmicrosoft-365microsoft-graph
by Recued CoreCertified v1 1 item Pack
Revenue Engagement - Outreach

API capability pack for bounded Outreach REST API v2 operations against https://api.outreach.io/api/v2. Enroll an OAuth bearer or S2S bearer connection named outreach with account, prospect, sequence, sequence-state, task, mailing, event, user, mailbox, snippet, and template access. The pack reads revenue engagement records for scheduled operations digests, prospect engagement briefs, and sequence readiness checks. It bundles approval-gated workflows for creating one account, creating one prospect, adding one prospect to one sequence through a mailbox, creating one snippet, and creating one template. Writes are limited to one account, prospect, sequence state, snippet, or template at a time. The pack intentionally excludes sequence creation, sequence-step creation or mutation, ruleset administration, sequence template association, PATCH updates, deletes, bulk API/imports, webhooks, calls, user invitations, compliance deletion requests, OAuth token generation, and arbitrary Outreach API passthrough.

pack:outreachoutreachrevenuesales-engagement
by Recued CoreCertified v1 9 items Pack
OxiPNG Pack

V3 deterministic PNG optimization capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local oxipng CLI writes an optimized PNG to a fixed engine-owned output path via image.optimize_png. This pack deliberately avoids in-place mutation by using oxipng's --out option. Write-tier but approval=never: oxipng writes only under {out_dir} and the optimized PNG is captured as result.file_ref. Requires oxipng on PATH (Alpine: apk add oxipng; Rust environments: cargo install oxipng). Local and no-egress.

pack:oxipngoxipngcliimage
by Recued CoreCertified v1 1 item Pack
Billing & Subscriptions - Paddle

API capability pack for bounded Paddle Billing REST operations against https://api.paddle.com. Enroll a paddle API connection as a bearer API-key connection with the narrowest Paddle permissions needed for the installed operations; no credential is embedded in this manifest. Reads catalog products/prices, customers, addresses, businesses, credit balances, discounts, subscriptions, transactions, adjustments, saved payment methods, reports, events, notifications, notification logs, and Paddle IP addresses. Writes are approval-gated and limited to product/price/customer/address/business/discount/discount-group maintenance and asynchronous report creation. Pricing, transaction, subscription-update, and subscription-charge preview endpoints are exposed as read-only preview calls because they do not mutate Paddle state. The pack intentionally excludes transaction creation/update/revision, adjustment/refund creation, subscription update/cancel/pause/resume/activate/charge, saved-payment-method deletion, customer auth tokens, customer portal sessions, client-side tokens, notification setting mutation, notification replay, simulations, webhook simulator replay, checkout-domain mutation, metrics, arbitrary API passthrough, and Paddle Classic APIs.

pack:paddlepaddlebillingsubscriptions
by Recued CoreCertified v1 1 item Pack
Incident Response - PagerDuty

API capability pack for bounded PagerDuty REST API v2 operations against https://api.pagerduty.com only. Reads the current user, users, services, escalation policies, schedules, on-calls, incidents, and incident notes, and supports approval-gated incident acknowledgment/resolution plus note creation with an explicit From header. Bundles a scheduled on-call handoff digest, an AI-assisted incident brief, and an approval-gated incident update workflow. Enroll a PagerDuty OAuth or API-token connection named pagerduty with the narrowest scopes needed for the installed operations. The pack intentionally excludes incident creation, bulk incident mutation, service/schedule/escalation-policy/user mutation, maintenance windows, rulesets, webhooks, analytics, audit records, account/admin APIs, and arbitrary API passthrough.

pack:pagerdutypagerdutyincidentson-call
by Recued CoreCertified v1 4 items Pack
PandaDoc Document Closure Loop

Workflow pack for Recued-sent PandaDoc documents. It composes the PandaDoc capability pack with a closure ledger: send one draft or approved document through the existing PandaDoc approval gate, persist only the document/template linkage in data.shared, and let a scheduled watcher re-read that exact document until PandaDoc reports completion, exception, or an approval-complete state that needs the owner to send again. This pack does not duplicate PandaDoc auto reminders, manual reminders, auto-expiration, webhook administration, or general document status dashboards; it adds Recued-visible closure state for documents Recued sent.

pack:pandadoc-document-closurepandadoccontractsesignature
by Recued CoreCertified v1 3 items Pack
Contract Documents - PandaDoc

API capability pack for bounded PandaDoc Public API operations against https://api.pandadoc.com/public/v1. Enroll a PandaDoc API key or OAuth bearer connection named pandadoc with document, template, contact, and form access. The pack reads documents, document status and details, templates, template folders, document folders, contacts, and forms for contract lifecycle review, proposal operations, sales handoff, renewal tracking, and e-signature evidence briefs. It bundles a scheduled document status digest, AI-assisted document and template readiness briefs, and approval-gated workflows for creating a document from a template and sending one draft document. Writes are limited to one document creation or send action at a time. The pack intentionally excludes file uploads, binary downloads, deletes, webhooks, embedded editing or signing session URLs, attachment mutation, ownership transfers, folder mutation, template creation, contact mutation, workspace administration, OAuth token endpoints, and arbitrary PandaDoc API passthrough.

pack:pandadocpandadoccontractsesignature
by Recued CoreCertified v1 6 items Pack
Pandoc Pack

V3 deterministic document-render capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local pandoc CLI ingredient exposes bounded operations for readiness, supported-format discovery, and Markdown/document rendering to DOCX, PDF, HTML, or EPUB via the document.render catalog operation. Fixed-function and reproducible: no shell wrapper, no caller-supplied arbitrary pandoc flags, no filters/defaults/templates/reference-doc paths, no remote fetch options, and no model sees content. The render op writes one fixed output file under an engine-managed throwaway temp dir and captures it as result.file_ref with storage=cas. Part of the Lane-1 deterministic document toolkit alongside docling (parse) and xlsx-pack (export).

pack:pandocpandocclidocument
by Recued CoreCertified v1 1 item Pack
Payments & Reconciliation - PayPal

API capability pack for bounded PayPal REST operations against https://api-m.paypal.com. Enroll a paypal API connection as an OAuth bearer-token connection backed by PayPal client-credentials access; no credential is embedded in the manifest. The pack reads checkout orders, payment authorizations, captures, refunds, transaction-search activity, balances, invoices, recurring-billing products, plans, subscriptions, subscription transactions, and disputes. It adds approval-gated invoice lifecycle operations for daily solo-business billing: create one draft invoice, send one invoice, send one invoice reminder, and cancel one sent invoice. It intentionally does not expose order creation, payment capture/authorize/void/refund creation, payouts, invoice pay/refund/delete/record-payment actions, product or plan mutation, subscription create/update/revise/suspend/cancel/activate/capture actions, dispute evidence/action endpoints, webhooks, vault tokens, or arbitrary API passthrough.

pack:paypalpaypalpaymentsreconciliation
by Recued CoreCertified v1 1 item Pack
PDFGrep Pack

V3 deterministic PDF text-search capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local pdfgrep CLI exposes readiness, bounded page-numbered PDF text search, fixed-string search, case-insensitive search, context search, match-only extraction, total match counts, and page-level match counts for one trusted local PDF path. This pack deliberately exposes bounded path-based value output rather than file_ref materialization, because matched PDF text is returned on stdout. No arbitrary pdfgrep flags, recursive directory search, password arguments, pattern-file inputs, cache writes, debug output, shell wrapper, stdin, or multi-file glob search are exposed, and exit code 1 (no matches) is treated as success for search/count operations. Requires pdfgrep on PATH (Debian/Ubuntu: apt install pdfgrep). Local and no-egress.

pack:pdfgreppdfgrepclipdf
by Recued CoreCertified v1 1 item Pack
PDFImages Pack

V3 deterministic PDF image-inventory capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local Poppler pdfimages CLI exposes readiness, full-document embedded-image inventory, fixed first-page image inventory, and bounded first-N-pages image inventory for one trusted local PDF path. This pack deliberately ships inventory modes only, not bulk image extraction, because pdfimages extraction writes one file per image and v1 output_capture expects exactly one produced file. The operations are path-based stdout text for the same reason as pdfinfo: the current CLI safety contract forbids materialized file_ref input with stdout value capture. It exposes no password arguments, image-root output prefix, extraction format flags, stdin mode, shell wrapper, arbitrary flags, or network egress. Requires pdfimages on PATH (Debian/Ubuntu: apt install poppler-utils; macOS: brew install poppler).

pack:pdfimagespdfimagespopplercli
by Recued CoreCertified v1 1 item Pack
PDFInfo Pack

V3 deterministic PDF information capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local Poppler pdfinfo CLI exposes readiness, basic document/page information, page-box bounding boxes, document-level metadata stream output, and URL annotation listing for one trusted local PDF path. This pack deliberately exposes path-based stdout helpers, not file_ref materialization, because the current CLI safety contract forbids materialized file_ref input with stdout value capture. It exposes no password arguments, JavaScript dump, tagged-structure dump, arbitrary pdfinfo flags, stdin mode, shell wrapper, output-file path, or network egress. Requires pdfinfo on PATH (Debian/Ubuntu: apt install poppler-utils; macOS: brew install poppler). Local and no-egress.

pack:pdfinfopdfinfopopplercli
by Recued CoreCertified v1 1 item Pack
PDFSeparate Pack

V3 deterministic PDF page-extraction capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local Poppler pdfseparate CLI exposes readiness, fixed first-page extraction, and single selected-page extraction for one source PDF. Fixed-function and reproducible: the executor materializes the source PDF and owns the throwaway output directory, while pdfseparate writes exactly one page PDF per operation that is captured as result.file_ref. The pack deliberately avoids arbitrary page ranges and full-document splitting because pdfseparate writes one PDF per page and the current output_capture contract expects a single produced file. It exposes no password arguments, caller-controlled output pattern, stdin mode, shell wrapper, arbitrary flags, or network egress. Requires pdfseparate on PATH (Debian/Ubuntu: apt install poppler-utils; macOS: brew install poppler).

pack:pdfseparatepdfseparatepopplercli
by Recued CoreCertified v1 1 item Pack
PDFToText Pack

V3 deterministic PDF text-extraction capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local Poppler pdftotext CLI exposes readiness, layout-preserving extraction, default reading-order extraction, fixed first-page preview extraction, bounding-box XHTML layout extraction, and TSV word-position extraction for a source PDF. Bundles a direct text-extraction recipe plus a preview-first PDF notes workflow that summarizes the extracted text by file ref. Fixed-function and reproducible: extraction happens locally before any model sees the PDF. Write-tier but approval=never: pdftotext writes only to an engine-managed throwaway output dir and each extracted artifact is captured as result.file_ref; downstream ai-* steps consume text through Gateway-gated file refs. The source can be a data.file ref or a trusted local path. This pack exposes no password args, arbitrary flags, stdin mode, caller-controlled output path, shell wrapper, or network egress. Requires the pdftotext binary on PATH (Debian/Ubuntu: apt install poppler-utils; macOS: brew install poppler).

pack:pdftotextpdftotextpopplercli
by Recued CoreCertified v1 3 items Pack
PDFUnite Pack

V3 deterministic PDF merge capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local Poppler pdfunite CLI exposes readiness, exact two-PDF merge, and bounded multi-PDF merge operations. The executor materializes ordered file_ref arrays into engine-managed temp paths, expands them into discrete argv elements in caller order, and owns the output path captured as result.file_ref. The pack exposes no arbitrary pdfunite flags, encrypted-PDF password handling, caller-controlled output path, stdin mode, shell wrapper, or network egress. Requires pdfunite on PATH (Debian/Ubuntu: apt install poppler-utils; macOS: brew install poppler).

pack:pdfunitepdfunitepopplercli
by Recued CoreCertified v1 1 item Pack
Research Intelligence - Perplexity

API capability pack for bounded Perplexity REST API operations against https://api.perplexity.ai only. Enroll a Perplexity API key bearer connection named perplexity; no credential is embedded in this manifest. The pack reads the model catalog, creates bounded Web Search API responses, creates non-streaming Sonar responses with citations and search results, and creates text embeddings for research, competitive intelligence, source-backed answer review, semantic search preparation, and RAG readiness. It bundles a cited answer brief, a web search brief, an embedding readiness brief, and a model catalog brief. The pack intentionally excludes streaming, async chat jobs, Agent API responses, browser sessions, file and response content download, custom tools and tool-choice routing, MCP or code execution, contextualized embeddings, People Search, analytics, auth-token issue or revoke endpoints, arbitrary Perplexity API passthrough, dynamic outbound callbacks, and any operation outside api.perplexity.ai.

pack:perplexityperplexityairesearch
by Recued CoreCertified v1 5 items Pack
Personal CRM Foundation

Time-anchored alerts before each upcoming meeting, grounded in behavioral patterns derived from your inbox + calendar. Installs one user-facing alert recipe (time-alert-before-event) plus three silent producer recipes that quietly maintain the rollup enrichments the alert reads. The substrate is provided by the unified data.enrichment namespace; this pack is the consumer.

pack:personal-crmalertscalendarmeta
by Recued CoreCertified v1 Pack
Personal Organizer Foundation

Day-1 personal-organizer pack per D-145 § A.6. Pre-installs on first server init and composes built-in work entities (`task` / `note` / `commitment` / `project`) with PA9 enrichment producers (`open_loop_pressure` / `project_stall_signal` / `project_next_action_gap` / `commitment_reliability_band` / `note_relevance_decay`) into ten recipes: 4 Layer-2 visible views (today / open-commitments / stalled-projects / recent-notes-by-topic), 2 Layer-1 silent producers reactive on inbound mail (extract-commitments-from-mail / extract-tasks-from-mail), 1 Layer-2 visible alert reactive on inbound mail (triage-inbox), D-193 reminders (chat capture plus hidden due notifier), and the schedule-recipe control for installed recipes. Ships three canonical Standing Instructions as conservative safety defaults: an approval gate on composing email to contacts the substrate has only ever seen mentioned (never sent / received-from); a `min_tier: mid` floor for `schedule_meeting` so timezone-sensitive proposals don't ride the cheapest tier; and a `ban_omission_class: permission_scope` clause for `recipe_invoke` so foundation-pack views surface permission gaps instead of silently truncating. The substrate is provided by D-145 PA1-PA9 + the existing kernel ingredients; this pack is the consumer that turns the substrate into Day-1 value.

pack:personal-organizerfoundationd-145tasks
by Recued CoreCertified v4 Pack
pip-audit Pack

V3 Python dependency-vulnerability audit capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local pip-audit CLI ingredient exposes bounded project operations for readiness and dependency vulnerability audits. Audits run from an explicit project directory cwd supplied at execution time, audit one trusted, fully pinned requirements file, and return JSON findings via the python.dependency_audit catalog operation. Fixed-function and bounded: requirements-file mode only, JSON output, fixed PyPI vulnerability service, no dependency resolution, no pip resolver, no package fixing/upgrading, no local environment/project scan, no lockfile/project-path scan, no caller-supplied package indexes, no ignored vulnerability list, no output-file write, no arbitrary pip-audit flags, and no shell wrapper. Approval is ask because package names and versions are sent to PyPI vulnerability data services. Vulnerability findings are represented as successful JSON output; real collection or invocation errors still fail. Requires pip-audit on PATH with Python 3.10+. Network egress to PyPI vulnerability data services.

pack:pip-auditpip-auditpythonaudit
by Recued CoreCertified v1 1 item Pack
Pipedrive

Self-contained Pipedrive CRM vendor pack. Declares the Pipedrive catalog as a by-value composition so the pack owns its callable surface without publishing a separate community/ingredients catalog. Pipedrive native entities map into the canonical CRM vocabulary: deal -> deal, person -> contact, organization -> account. Reads resolve after connection grant; daily write ops for deals, leads, notes, people, organizations, and follow-up activities are write-tier and approval-gated. The pack also exposes read-only users, pipelines, and stages so a one-person company can find the right owner and sales-lane IDs before creating or updating CRM records. The pack deliberately avoids delete, merge, follower, product, bulk, lead conversion, pipeline/stage mutation, user administration, and arbitrary custom-field mutation surfaces. Cross-vendor canonical recipes live in recued-core.crm and bind to this pack through the same CRM-supported path used by HubSpot and Salesforce.

pack:pipedrivecrmsalesleads
by Recued CoreCertified v1 1 item Pack
Financial Data - Plaid

API capability pack for bounded Plaid API 2020-09-14 operations against https://production.plaid.com by default. Enroll a Plaid connection named plaid that injects the documented PLAID-CLIENT-ID, PLAID-SECRET, and Plaid-Version headers; use a connection base_url of https://sandbox.plaid.com for sandbox testing. Reads institutions, Items, consent activity, accounts, balances, transactions, transaction sync deltas, recurring transaction streams, identity account owner data, liability summaries, investment holdings, investment transactions, statement metadata, and cashflow insights. Approval-gates Link-token creation, public-token exchange, access-token invalidation, webhook updates, transaction refresh, investment refresh, identity refresh, and sandbox test Item creation. Plaid access_token values are sensitive user-authorized Item credentials and must be passed as run inputs or refs, never embedded in this manifest. The pack intentionally excludes Auth account/routing number retrieval, processor token creation, payment initiation, transfers, item removal, item/application unlinking, product termination, Identity Verification, income verification, asset reports, credit reports, statement PDF downloads, transaction rule mutation, arbitrary endpoint passthrough, and destructive or payment-moving operations.

pack:plaidplaidfinancebank-data
by Recued CoreCertified v1 1 item Pack
Microsoft Planner Task Closure Loop

Workflow pack for Recued-created Microsoft Planner tasks. It composes the Planner capability pack with a closure ledger: create one owner-approved Planner task in an existing plan, persist only the connection/plan/bucket/task linkage in data.shared, and let a scheduled watcher re-read that exact task until Planner reports completion. This pack does not replace Planner assignments, native notifications, buckets, labels, board views, premium Planner resources, Microsoft Project flows, Teams conversations, plan membership, or general task dashboards; it adds Recued-visible closure state for Planner tasks Recued created.

pack:planner-task-closureplannermicrosoft-plannermicrosoft-365
by Recued CoreCertified v1 2 items Pack
Tasks - Microsoft Planner

API capability pack for bounded Microsoft Planner operations through Microsoft Graph at https://graph.microsoft.com/v1.0 only. Enroll a Microsoft Graph OAuth bearer connection named microsoft with the narrowest Graph scopes needed for the installed operations. Reads the current user, assigned Planner tasks, group-owned plans, plans, plan details, buckets, tasks, task details, and task board formats. Writes are approval-gated and limited to creating a plan in a Microsoft 365 group, renaming a plan, updating plan label descriptions, creating/updating/deleting buckets, creating/updating/deleting tasks, updating task details, and updating Planner board ordering metadata. Existing-resource updates and deletes require an explicit If-Match ETag argument. The pack intentionally excludes premium Planner resources, Microsoft Project task mutation beyond ordinary Planner task fields, Microsoft 365 group membership/admin changes, plan deletion, plan sharing mutation, attachment upload/content fetch, arbitrary Graph passthrough, and first-class task sync semantics.

pack:plannerplannermicrosoft-plannermicrosoft-365
by Recued CoreCertified v1 1 item Pack
pnpm Pack

V3 pnpm toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local pnpm CLI ingredient exposes bounded project operations for readiness, test execution, dependency audit, and CycloneDX SBOM generation. Project operations run from an explicit project directory cwd supplied at execution time, avoid caller-supplied pnpm flags, avoid shell wrappers, and keep diagnostics visible as text or JSON output. Test execution is approval-gated because package scripts execute project-defined code. Dependency audit is approval-gated because pnpm sends dependency inventory to the configured package registry. SBOM generation is local and read-only, and requires pnpm 11 or newer. Requires pnpm on PATH.

pack:pnpmpnpmjavascriptnodejs
by Recued CoreCertified v1 1 item Pack
Product Analytics - PostHog

API capability pack for bounded PostHog API operations. The default egress base is https://app.posthog.com; enroll a posthog personal API key connection as bearer auth and set base_url to the tenant app host when using a regional or self-hosted PostHog instance. The pack reads organizations, projects, events, persons, cohorts, dashboards, insights, feature flags, feature-flag activity/status/history, activity logs, event definitions, property definitions, web analytics recaps, web vitals, experiments, and surveys for daily product-engineering decisions. Writes are approval-gated and limited to patching one feature flag definition at a time. The pack intentionally excludes event capture, flags evaluation, arbitrary query/HogQL execution, exports, batch exports, session replay playback, files/media, billing/admin mutation, organization/project mutation, destructive deletes, plugin and hog-function mutation, data warehouse mutation, agent platform endpoints, webhook-like flows, and arbitrary API passthrough.

pack:posthogposthogproduct-analyticsfeature-flags
by Recued CoreCertified v1 1 item Pack
Transactional Email - Postmark

API capability pack for bounded Postmark server-token calls against https://api.postmarkapp.com only. The pack can send one transactional email, send one template email, read server metadata, read message streams, search/read outbound and inbound message activity, inspect raw outbound dumps, review opens/clicks, read bounce delivery state, search/read templates, validate template content, read outbound stats, and manage message-stream suppressions. Enroll a Postmark server-token connection using header auth with X-Postmark-Server-Token; no credential is embedded in the manifest. Email sending, inbound retry/bypass, and suppression changes are write-tier and approval-gated. The pack intentionally excludes batch sending, template create/edit/delete, stream archive/unarchive, webhook configuration, server/account admin, sender/domain management, data-removal requests, and arbitrary API passthrough.

pack:postmarkemailtransactionalsend
by Recued CoreCertified v1 1 item Pack
QRencode Pack

V3 deterministic QR-code capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local qrencode CLI renders one text payload into a PNG QR code via the image.qr_encode catalog operation. Fixed-function and reproducible: the executor owns the throwaway output directory, while qrencode writes a fixed qr.png result that is captured as result.file_ref. Write-tier but approval=never: qrencode writes only to an engine-managed output dir, exposes no arbitrary flags, and receives the text as one discrete argv value with shell=false semantics. Requires the qrencode binary on PATH (Debian/Ubuntu: apt install qrencode; macOS: brew install qrencode). Local and no-egress.

pack:qrencodeqrencodeqr-codepng
by Recued CoreCertified v1 1 item Pack
Potrace Pack

V3 deterministic raster-to-vector tracing capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local potrace CLI traces one bitmap into a fixed SVG output via image.trace_svg. Write-tier but approval=never: potrace writes only to an engine-managed throwaway output dir and the SVG is captured as result.file_ref; source image bytes never flow through stdout values. Requires potrace on PATH (Debian/Ubuntu: apt install potrace; macOS: brew install potrace). Local and no-egress.

pack:potracepotracecliimage
by Recued CoreCertified v1 1 item Pack
Analytics - Microsoft Power BI

API capability pack for bounded Microsoft Power BI REST API operations against https://api.powerbi.com/v1.0/myorg. Enroll a Power BI OAuth bearer connection named powerbi with least-privilege Power BI API scopes for the installed operations. The pack reads workspaces, workspace users, reports, report pages, dashboards, datasets, dataset data sources, dataset parameters, refresh schedules, and refresh history for analytics operations, executive dashboard review, and semantic-model refresh triage. It bundles a scheduled workspace operations digest, AI-assisted report and dataset briefs, and an approval-gated workflow for refreshing one dataset. The pack intentionally excludes imports, exports/downloads, report cloning, dataset/table/row writes, gateway or data-source credential mutation, parameter updates, refresh schedule updates, workspace/user permission grants or deletes, admin APIs, activity event export, embed-token generation, app publishing, arbitrary DAX/query execution, and arbitrary Power BI API passthrough.

pack:powerbipowerbimicrosoft-power-bianalytics
by Recued CoreCertified v1 5 items Pack
Prettier Pack

V3 deterministic code format-check capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local prettier CLI ingredient exposes bounded project operations for readiness and formatting diagnostics. Format checks run from an explicit project directory cwd supplied at execution time, accept one trusted source path, return human-readable diagnostics, avoid caller-supplied Prettier flags, avoid shell wrappers, and never write files. Fixed-function and reproducible: no write mode, no caller-supplied config path, no editorconfig lookup, no stdin stream, no parser/plugin override, no cache, no environment override, no arbitrary command execution, and no network egress. Formatting findings are represented as text output instead of failing the op; real Prettier errors still fail. Requires prettier on PATH. Local and no-egress.

pack:prettierprettierformatformat-check
by Recued CoreCertified v1 1 item Pack
pytest Pack

V3 Python test-run capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local pytest CLI ingredient exposes bounded project operations for readiness and Python test execution. Test runs execute from one explicit project directory cwd, run one trusted file, test node, or directory, and return bounded text output via the python.test_run catalog operation. Fixed invocation, but approval-gated: pytest imports and executes project test code, fixtures, conftest files, and installed plugins, so tests may read/write local state or perform network actions depending on the project. The pack exposes a compact readout only: quiet mode, short tracebacks, no color, max 50 failures, end-of-options before the target path, no caller-supplied pytest flags, no pdb/debug shell, no collect-only/plugin/config override surface, no capture disabling, no JUnit/output-file write, no stdin, and no shell wrapper. Test failures, no-tests-collected, and max-warnings outcomes are represented as successful text results; interrupts, internal errors, and usage errors still fail. Requires pytest on PATH.

pack:pytestpytestpythontest
by Recued CoreCertified v1 1 item Pack
QPDF Pack

V3 deterministic PDF-transform capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local qpdf CLI ingredient exposes readiness, trusted-path structure checks, trusted-path page counts, structural PDF rebuild, and web-linearization. Fixed-function and reproducible: transformations happen locally before any model sees the PDF. File-output operations write only to an engine-managed throwaway output dir and capture result.file_ref; downstream steps consume transformed PDFs through a Gateway-gated file ref. The source can be a data.file ref or a trusted local path for file-output operations; stdout inspection operations are path-based on purpose because current CLI isolation forbids combining file_ref materialization with stdout value capture. Requires the qpdf binary on PATH (Debian/Ubuntu: apt install qpdf; macOS: brew install qpdf). Local and no-egress; qpdf parses PDF structure but does not fetch remote URLs. The rebuild operation is a good follow-up after metadata-nullification tools because qpdf rewrites the PDF structure and removes orphaned objects, but it does not render, OCR, extract text, or semantically validate page contents.

pack:qpdfqpdfclipdf
by Recued CoreCertified v1 1 item Pack
Business Phone - Quo

API capability pack for bounded Quo Public API v1 operations against https://api.quo.com only. Quo was formerly OpenPhone; enroll a quo connection whose Authorization header contains the API key exactly as Quo documents, without a Bearer prefix. The pack reads phone numbers, users, contact custom fields, contacts, conversations, messages, calls, call recordings, call summaries, call transcripts, call voicemails, tasks, and webhook metadata for front-desk, sales follow-up, support, and owner-operator phone workflows. It bundles a front-desk digest, an AI-assisted contact conversation brief, approval-gated SMS sending, contact intake, task creation, and task completion. Writes are limited to sending one text message, creating or updating one contact, marking one conversation read/done/open, and creating/updating/completing/reopening/assigning one task at a time. Contact deletion, task deletion, webhook creation/deletion, call initiation, call recording download, phone-number administration, carrier registration, billing, user provisioning, and arbitrary Quo endpoints are intentionally not exposed.

pack:quoquoopenphonebusiness-phone
by Recued CoreCertified v1 7 items Pack
Deployments - Railway

API capability pack for bounded Railway Public API GraphQL operations against https://backboard.railway.app/graphql/v2. Enroll a Railway account, workspace, or OAuth bearer connection named railway, or a project-token connection that injects Project-Access-Token when your enrollment flow supports Railway project tokens. Reads authenticated user/workspace context, projects, project members, environments, services, service instances, deployments, deployment/build logs, domains, volume instances, and volume backups for deployment operations and incident review. Approval-gated writes are limited to creating one project, creating one service, deploying or redeploying one service instance, restarting/rolling back/stopping/canceling/redeploying one deployment, creating one custom or Railway service domain, creating one volume, creating one volume backup, or restoring one selected backup at a time. The pack intentionally excludes arbitrary GraphQL passthrough, variable reads/writes, storage bucket credentials, API token administration, OAuth app administration, workspace/team/project membership and permission mutation, billing/usage mutation, environment change-set mutation, service/domain/project/environment/volume/deployment deletion, deployment approval, private registry credential mutation, and webhook/trigger administration.

pack:railwayrailwayhostingdeployments
by Recued CoreCertified v1 10 items Pack
Bookmarks - Raindrop.io

API capability pack for bounded Raindrop.io REST v1 operations against https://api.raindrop.io only. Reads the authenticated user, collections, tags, bookmarks, highlights, and collection filter counts, and supports approval-gated bookmark creation/update plus collection create/update metadata operations. This is intended for recurring research capture, saved-link review, duplicate/no-tag/broken-link triage, collection setup, and reading-to-memory workflows. Enroll a Raindrop.io OAuth access token or test token connection as bearer auth; no credential is embedded in the manifest. The pack intentionally excludes bulk update/remove, collection deletion, trash/permanent delete, import/export, backups, file upload, cover upload, collection sharing/collaborator APIs, tag rename/merge/remove, highlight create/update/remove, public user lookup, social account connect/revoke, and arbitrary API passthrough.

pack:raindropraindropbookmarkscollections
by Recued CoreCertified v1 1 item Pack
Reading & Highlights - Readwise

API capability pack for bounded Readwise and Readwise Reader operations against https://readwise.io only. Reads token validity, books/sources, book tags, highlights, highlight tags, highlight export pages, the daily review, Reader documents, named Reader queues, Reader note/highlight/PDF document views, and Reader tags for reading-to-memory and saved-article workflows. Writes are limited to approval-gated saving of highlights, saving one Reader document/link, and lightweight Reader document triage metadata updates such as title, summary, tags, notes, seen, and location. Enroll a Readwise access-token connection as header auth with Authorization: Token <token>; no credential is embedded in the manifest. The pack intentionally excludes highlight direct update/delete, book/tag mutation, Reader delete, Reader bulk update, webhooks, raw source URL retrieval, arbitrary API passthrough, and any endpoint outside readwise.io.

pack:readwisereadwisereaderhighlights
by Recued CoreCertified v1 1 item Pack
Subscription Revenue - Recurly

API capability pack for bounded Recurly API v3 v2021-02-25 operations against https://v3.recurly.com. Enroll a Recurly API-key Basic Auth connection named recurly with the narrowest account, catalog, subscription, invoice, transaction, coupon, and account-note scopes needed for the installed workflows. The pack reads accounts, account balances, account notes, account subscriptions, account invoices, account transactions, plans, plan add-ons, items, subscriptions, invoices, transactions, coupons, and business entities for subscription revenue operations, account revenue briefs, and catalog readiness checks. It bundles approval-gated workflows for creating one account, one item, one plan, one coupon, one subscription, or one account note at a time, plus read-only purchase preview evidence before subscription creation. The pack intentionally excludes account update/deactivate/reactivate/redact, billing-info create/update/remove/verify, coupon redemption mutation, line-item mutation, invoice update/collection/mark-paid, payment/refund/transaction creation, subscription update/cancel/terminate/pause/resume/change, purchase creation, gift cards, external accounts, external subscriptions, exports, webhooks, OAuth token exchange, and arbitrary Recurly API passthrough.

pack:recurlyrecurlybillingsubscriptions
by Recued CoreCertified v1 10 items Pack
CRM - Zoho CRM Sales

API capability pack for bounded Zoho CRM sales operations. Uses the shared Zoho CRM OAuth connection and fixed Zoho CRM API V8 endpoints. Covers organization/user lookup, leads, contacts, accounts, deals, campaigns, sales notes, and read-only activity slices needed for sales briefings. Writes are approval-gated and limited to one lead, contact, account, deal, campaign, or note operation at a time. Excludes back-office inventory documents, service appointment booking, deletes, bulk APIs, COQL/query APIs, blueprints, admin mutation, arbitrary module passthrough, attachments, files, functions, webhooks, and credential-bearing operation arguments.

pack:zoho-crm-saleszohozoho-crmcrm
by Recued CoreCertified v1 6 items Pack
Hosting - Render

API capability pack for bounded Render REST API operations against https://api.render.com/v1 only. Enroll a Render API key bearer connection named render; no credential is embedded in this manifest. The pack reads workspaces, workspace audit logs, projects, environments, services, deploys, service events, custom domains, jobs, logs, log label values, Postgres instances, and Key Value instances for deployment operations, incident review, release readiness, and infrastructure inventory. It bundles a scheduled service operations digest, an AI-assisted deploy investigation brief, and approval-gated workflows for triggering one service deploy or rolling back one service to a selected deploy. Writes are limited to one deploy trigger, deploy cancel, rollback, restart, or cache purge at a time. The pack intentionally excludes service/project/environment/domain/datastore create-update-delete, env vars and secret files, connection-info and credential endpoints, arbitrary job commands, cron run starts, suspend/resume, disks, private links, dedicated IPs, notification settings, deploy hooks, blueprint mutation, owner membership and auth administration, billing, OAuth token exchange, webhooks, and arbitrary Render API passthrough.

pack:renderrenderhostingdeployments
by Recued CoreCertified v1 5 items Pack
AI Models - Replicate

API capability pack for bounded Replicate HTTP API operations against https://api.replicate.com/v1 only. Enroll a Replicate API token bearer connection named replicate; no credential is embedded in this manifest. The pack reads account context, public model search, collections, models, model versions, examples, README text, available hardware, deployments, prediction history, training history, and file metadata for AI model discovery, run monitoring, and cost-control workflows. It bundles a model discovery brief, a scheduled prediction operations digest, and approval-gated workflows for running one prediction or canceling one prediction. Writes are limited to creating one prediction through a version, official model, or deployment, canceling one prediction, or canceling one training. The pack intentionally excludes model/deployment create-update-delete, model version delete, file upload/download/delete, webhook signing secrets, webhook callback configuration, training creation, billing, token management, arbitrary GraphQL or arbitrary HTTP passthrough, and dynamic outbound webhook routing.

pack:replicatereplicateaimodels
by Recued CoreCertified v1 5 items Pack
Transactional Email - Resend

API capability pack for bounded Resend API-key calls against https://api.resend.com only. The pack can send and schedule one transactional email, update/cancel one scheduled email, read and search sent and received email, read domains and trigger domain verification, read segments, search/read/create/update/delete contacts, manage contact segment and topic subscriptions, read topics, create/update/send/delete broadcasts, and search/read API request logs. Enroll a Resend API-key connection as a bearer token; no credential is embedded in the manifest. Email sending, scheduled email changes, domain verification, contact mutation, topic/segment subscription changes, and broadcast changes are write-tier and approval-gated. The pack intentionally excludes batch sending, API-key management, webhook management, domain create/update/delete/claim, segment create/delete, topic create/update/delete, contact imports/properties, attachment download, automation/event mutation, and arbitrary API passthrough.

pack:resendemailtransactionalsend
by Recued CoreCertified v1 1 item Pack
Country Data - REST Countries

API capability pack for bounded REST Countries v5 lookups against https://api.restcountries.com only. The pack reads country records by name, alpha-2 code, or currency code and projects a small response-field set. Enroll a REST Countries API key connection as bearer auth; no credential is embedded in the manifest.

pack:rest-countriescountriesreference-datageography
by Recued CoreCertified v1 1 item Pack
Ripgrep Pack

V3 deterministic local file-search capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local rg CLI ingredient exposes bounded operations for readiness, ignore-aware file listing, glob-filtered path listing, regex search, fixed-string search, case-insensitive search, matching-file discovery, and count-by-file summaries. Content search operations scan one trusted local root and return bounded JSONL match events or compact text summaries. Bundles a manual local content search recipe and a scheduled TODO/FIXME project watch so users can install the pack and immediately turn trusted folders into recurring search workflows. Fixed-function and reproducible: no arbitrary rg flags, no shell, no produced files, no hidden-file override, no ripgrep config-file/env influence, no preprocessors, bounded match count, bounded per-file size, and exit code 1 (no matches/no files) is treated as success where empty results are expected. Requires ripgrep on PATH (Debian/Ubuntu: apt install ripgrep; macOS: brew install ripgrep). Local and no-egress.

pack:ripgrepripgreprgcli
by Recued CoreCertified v1 3 items Pack
Incident Response - Rootly

API capability pack for bounded Rootly REST API v1 operations against https://api.rootly.com only. Reads current user identity, incidents, incident timeline events, action items, alerts, services, teams, severities, statuses, schedules, escalation policies, and users, and supports approval-gated incident creation/update/mitigation/resolution, timeline note creation, action-item creation/update, alert creation/update, and alert acknowledge/resolve. Bundles incident operations digesting, incident and alert triage briefs, and approval-gated workflows for incident intake, incident status updates, and action-item creation. Enroll a Rootly API-key or OAuth connection named rootly that injects Authorization: Bearer <token> with the narrowest Rootly permissions needed. The pack intentionally excludes deletes, cancellation/restart/duplicate mutation, subscriber mutation, API-key rotation, alert route/source/config mutation, schedule/escalation/service/team/severity/status mutation, workflow/webhook/catalog/admin/security APIs, and arbitrary API passthrough.

pack:rootlyrootlyincidentsincident-response
by Recued CoreCertified v1 7 items Pack
RSpec Test Pack

V3 Ruby/RSpec test-run capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local bundle CLI ingredient exposes bounded project operations for RSpec readiness and test execution. Invocations run the project's bundled rspec command from one explicit project directory cwd supplied at execution time and return plain RSpec output via the ruby.test_run catalog operation. Fixed invocation, but approval-gated: RSpec loads project Ruby code, Rails initializers, support files, factories, mocks, and test fixtures, and may write project/database/cache state or contact services depending on the project. The pack uses the project bundle, progress formatter, no ANSI color, no caller-supplied spec path, formatter, tag, pattern, require, profile, seed, dry-run, bisect, env override, stdin, or shell wrapper. Test failures and RSpec diagnostics are represented as text results so the caller can inspect output. Requires bundle on PATH and rspec in the project bundle.

pack:rspec-testrspecrubyrails
by Recued CoreCertified v1 1 item Pack
rsync Pack

V3 bounded local rsync preview capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local rsync CLI ingredient exposes fixed operations for readiness, source tree listing, recursive dry-run sync preview, archive-mode dry-run sync preview, and checksum dry-run sync preview. All filesystem operations require approval because they can reveal local path names, directory shape, file sizes, modification times, planned deletions, and sync topology. Every non-version operation is fixed to --dry-run, rejects remote rsync/SSH syntax by disallowing colons and URL-like inputs, and exposes no actual transfer, delete mutation, remote endpoint, rsync daemon, SSH transport, filter/include/exclude files, password file, batch write/read, backup paths, chmod, partial files, progress streaming, arbitrary flags, environment override, stdin, output-file write, or shell wrapper. Requires rsync or OpenRsync on PATH.

pack:rsyncrsyncclisync
by Recued CoreCertified v1 1 item Pack
RuboCop Pack

V3 Ruby lint capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local bundle CLI ingredient exposes bounded project operations for RuboCop readiness and lint diagnostics. Invocations run the project's bundled rubocop command from one explicit project directory cwd supplied at execution time; linting checks one trusted file or directory target and returns RuboCop JSON diagnostics via the ruby.lint catalog operation. Fixed invocation, but approval-gated: RuboCop loads project configuration, custom cops, plugins, and Ruby gems, and may write cache state depending on project configuration. The pack uses the project bundle, JSON formatter, force-exclusion behavior, no autocorrect, no caller-supplied config path, require hook, formatter, cache path, parallelism, stdin, env override, or shell wrapper. Offenses are represented as successful JSON output; RuboCop invocation/configuration errors still fail. Requires bundle on PATH and rubocop in the project bundle.

pack:rubocoprubocoprubyrails
by Recued CoreCertified v1 1 item Pack
Ruff Pack

V3 deterministic Python lint and format-check capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local ruff CLI ingredient exposes bounded project operations for readiness, lint diagnostics, and format-check diagnostics. Checks run from an explicit project directory cwd supplied at execution time, inspect one trusted local Python file or project path, and return JSON diagnostics via python.lint and python.format_check catalog operations. Fixed-function and reproducible: no arbitrary ruff flags, no fixing/writing mode, no caller-supplied config path, no shell wrapper, and no network egress. Lint or formatting findings are represented as JSON output instead of failing the op; real invocation errors still fail. Requires ruff on PATH (Python environments: pip install ruff; macOS: brew install ruff). Local and no-egress.

pack:ruffruffpythonlint
by Recued CoreCertified v1 1 item Pack
Salesforce

The Salesforce vendor pack — bundles the `salesforce-catalog` D-165 catalog ingredient so every Salesforce Tier-P op (`recued-core.salesforce.opportunity.read`, `contact.read`, `account.search`, `opportunity.create`, …) resolves against one installed binding. Vendor-specific recipes declare `depends_on: ["recued-core.salesforce"]` and read Salesforce sObject fields RAW (`{{step.opportunity.result.StageName}}`, no `properties` nesting) — the catalog op owns only how a recipe-named field folds into the SOQL/REST query (D-182 §3 Tier-P, decision-b). It bundles the Salesforce augmentation producers/alerts (deal health + velocity signals, closing-soon + low-engagement + new-inquiry notifications) and the contact-maintenance write recipes — each binds its op-steps against this pack's own catalog at install (D-182 §3 first-party self-reference), mirroring the HubSpot vendor pack. Installs the catalog dormant until each recipe's Salesforce connection variable is bound to an enrolled connection (Settings → Connections); every call then runs through the D-165 gateway (operation-level risk/grant/approval + per-call audit). Cross-vendor canonical recipes live in `recued-core.crm` instead — install whichever vendor pack matches your CRM and `recued-core.crm` binds the same connection-agnostic recipes to it at dispatch.

pack:salesforcecrmsalesforcevendor
by Recued CoreCertified v1 3 items Pack
Revenue Engagement - Salesloft

API capability pack for bounded Salesloft API v2 operations against https://api.salesloft.com/v2. Enroll an OAuth bearer token or customer API key bearer connection named salesloft with people, accounts, cadences, cadence memberships, tasks, notes, users, and person-stage access. The pack reads revenue engagement records for scheduled pipeline digests, person engagement briefs, cadence readiness checks, and seller follow-up review. It bundles approval-gated workflows for creating one person, adding one person to one cadence, creating one follow-up task, and adding one person note. Writes are limited to one person, cadence membership, task, or note at a time. The pack intentionally excludes person/account updates and deletes, account creation, cadence imports and exports, cadence collection administration, bulk jobs, bulk cadence memberships, email send, call completion, recordings and transcriptions, webhook administration, redaction and right-to-be-forgotten endpoints, OAuth token generation, and arbitrary Salesloft API passthrough.

pack:salesloftsalesloftrevenuesales-engagement
by Recued CoreCertified v1 8 items Pack
SCP File Transfer Pack

V3 approval-gated remote file transfer capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local OpenSSH scp CLI uploads or downloads a single file over SSH via remote.file_upload and remote.file_download catalog operations. This pack deliberately does not expose generic SSH command execution, recursive copies, globbing, arbitrary flags, ProxyCommand, or host-key bypasses. Each transfer requires an explicit host, user, port, remote path, identity-file path, and known-hosts-file path. scp runs in batch mode with IdentitiesOnly and StrictHostKeyChecking enabled, so a recipe cannot silently accept a new host key or fall back to password prompts. Upload consumes a data.file ref or trusted local path; download captures the fetched file as result.file_ref. Requires OpenSSH scp on PATH (Debian/Ubuntu: apt install openssh-client; macOS: scp ships with OpenSSH). Networked and credential-bearing; approval=ask for every operation.

pack:scpscpsshcli
by Recued CoreCertified v1 1 item Pack
Customer Data Platform - Segment

API capability pack for bounded Segment Public API v1 operations against https://api.segmentapis.com only, using the published Segment OpenAPI/SDK version 73.0.0. Enroll a Segment Public API token connection named segment as bearer auth; no credential is embedded in the manifest. The pack reads workspace identity, sources, destinations, warehouses, tracking plans, tracking-plan rules, labels, source schema settings, connected destinations/warehouses, audit events, event volume, API-call usage, and MTU usage. It supports approval-gated governance writes for creating/updating tracking plans, adding a source to a tracking plan, replacing/upserting tracking-plan rules, creating labels, and adding labels to a source. It intentionally excludes source/destination/warehouse creation or credential mutation, destination subscriptions, user/group/IAM administration, regulations and suppression APIs, write-key creation/removal, live plugins, selective sync writes, delete operations, EU endpoint switching, and arbitrary API passthrough.

pack:segmentsegmentcdpcustomer-data
by Recued CoreCertified v1 6 items Pack
Semgrep Pack

V3 static-analysis scan capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local semgrep CLI ingredient exposes bounded project operations for readiness and SAST scanning. Scans run from an explicit project directory cwd supplied at execution time, scan one trusted source directory with the fixed Semgrep Registry p/default ruleset, and return Semgrep JSON findings via the code.sast_scan catalog operation. Fixed-function and bounded: scan command only, JSON stdout, metrics disabled, version check disabled, OSS engine only, no autofix, no finding-based exit failure, no caller-supplied config/rule/pattern, no remote repository clone, no CI/login/publish/LSP/MCP/server command, no Pro engine, no secrets validation, no output-file write, no SARIF/GitLab/JUnit sidecar, no arbitrary semgrep flags, and no shell wrapper. Approval is ask because fetching Registry rules contacts semgrep.dev. Requires semgrep on PATH. Network egress to Semgrep Registry for the fixed ruleset.

pack:semgrepsemgrepsaststatic-analysis
by Recued CoreCertified v1 1 item Pack
Transactional Email - SendGrid

API capability pack for bounded Twilio SendGrid calls against https://api.sendgrid.com only. The pack can send one transactional email, read account/profile/credit state, retrieve global stats, search/read Email Activity messages, inspect bounces/blocks/invalid emails/spam reports/global suppressions, read unsubscribe groups and group suppressions, search/read transactional templates, and inspect one template version. Enroll a SendGrid API-key connection as a bearer token; no credential is embedded in the manifest. Email sending and suppression changes are write-tier and approval-gated. The pack intentionally excludes batch sending, all-suppression purges, template create/edit/delete/activation, marketing campaign, webhook, subuser/admin, API-key, IP, and account-settings mutation surfaces.

pack:sendgridemailtransactionalsend
by Recued CoreCertified v1 1 item Pack
Exception Handoff Loop - Sentry + Linear

Workflow pack that closes the loop between exception-scoped Sentry issues and owner-approved Linear follow-up work. It depends on the Sentry and Linear capability packs, detects one unhandled matching Sentry issue at a time, writes a data.shared proposal, notifies the owner, provides a manual action recipe that either creates the Linear issue and links it back to the Sentry issue or dismisses the proposal, and watches created Linear issues until they reach a terminal state. It does not replace Sentry alerts, Sentry ownership rules, Sentry's native issue-tracker integrations, Sentry alert ticket creation, or Linear triage automation; use it only when the normal native path is unavailable, intentionally bypassed, or missing Recued-visible closure state.

pack:sentry-linear-work-handoffsentrylinearissues
by Recued CoreCertified v1 1 item Pack
Error Monitoring - Sentry

API capability pack for bounded Sentry API calls against https://us.sentry.io only. The pack reads organizations, teams, projects, releases, deploys, release commits, project users, legacy user feedback, issues, project error events, issue events, issue tag values, and issue hashes; it can create one project, create one release deploy marker, and update one issue status. Bundles a scheduled issue triage digest, an AI-assisted issue investigation brief, an approval-gated issue status update workflow, and an approval-gated release deploy marker workflow. Enroll a Sentry auth-token connection as bearer auth; no credential is embedded in the manifest. Project creation, deploy creation, and issue mutation are write-tier and approval-gated. The pack intentionally excludes issue deletion, bulk mutation, alert/rule configuration, release creation/update/delete, file upload/download, source map upload, project key/DSN reads, service hook mutation, and arbitrary API passthrough.

pack:sentrysentryerrorsmonitoring
by Recued CoreCertified v1 5 items Pack
ITSM Operations - ServiceNow

API capability pack for bounded ServiceNow Table API operations. Enroll a servicenow API connection with base_url set to the instance API root, for example https://example.service-now.com/api/now, and authenticate with a least-privilege integration user or OAuth token that has table ACL access for the installed operations. The pack reads incidents, change requests, problems, tasks, users, and CMDB configuration items, and supports approval-gated incident creation, incident assignment/update/resolution, and change request creation/update. It bundles a scheduled incident triage digest, an AI-assisted incident brief, and approval-gated intake, assignment, resolution, and change workflows. The pack intentionally excludes arbitrary table access, record deletion, import sets, attachments, catalog ordering, knowledge mutation, CMDB mutation, user/admin mutation, scripted REST APIs, workflow execution, impersonation, system tables beyond sys_user reads, and arbitrary API passthrough.

pack:servicenowservicenowitsmincidents
by Recued CoreCertified v1 7 items Pack
7z Pack

V3 deterministic 7z archive capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local 7z CLI lists a trusted local archive path and extracts one requested archive entry via archive.list and archive.extract_entry catalog operations. Fixed-function and reproducible: extraction materializes the source archive and writes only to an engine-managed output directory, while listing is path-based text output. Requires 7z on PATH (Debian/Ubuntu: apt install 7zip). Local and no-egress.

pack:sevenzip7z7zipcli
by Recued CoreCertified v1 1 item Pack
Workspace - SharePoint

API capability pack for bounded SharePoint site, list, and document-library operations through Microsoft Graph at https://graph.microsoft.com/v1.0 only. Searches and reads sites, lists root site collections, site lists, document-library drives, list columns/content types, list items with fields, list item versions/activity, document-library search/delta results, drive item metadata, versions, permissions, thumbnails, and activity, plus approval-gated daily document-library organization actions: create folders, rename drive items, move drive items within a drive, and asynchronously copy drive items. File upload/download/content reads, delete/trash, sharing-link creation, permission mutation, list-item update/delete, conflict-behavior tuning, and arbitrary Graph paths are intentionally not exposed. Enroll a Microsoft Graph OAuth access token connection as bearer auth; no credential is embedded in the manifest. Write operations are approval-gated.

pack:sharepointsharepointmicrosoft-graphsites
by Recued CoreCertified v1 1 item Pack
ShellCheck Pack

V3 deterministic shell-script lint capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local shellcheck CLI ingredient exposes bounded project operations for readiness and shell-script lint diagnostics. Lints run from an explicit project directory cwd supplied at execution time, inspect one trusted local shell script path, and return JSON diagnostics via the shell.script_lint catalog operation. Fixed-function and reproducible: no arbitrary shellcheck flags, no shell wrapper, no sourced-file following, no caller-supplied rc/config path, and no network egress. Findings are represented as JSON output instead of failing the op; real invocation errors still fail. Requires shellcheck on PATH (Debian/Ubuntu: apt install shellcheck; macOS: brew install shellcheck). Local and no-egress.

pack:shellcheckshellcheckshellbash
by Recued CoreCertified v1 1 item Pack
Shipping - Shippo

API capability pack for bounded Shippo shipping operations against https://api.goshippo.com only. Enroll a Shippo API token connection named shippo using Authorization: ShippoToken <token>; no credential is embedded in the manifest. The pack reads and creates addresses, parcels, shipments/rates, label transactions, tracking status, orders, and refunds for ecommerce shipping workflows. It bundles a scheduled shipping operations digest, a shipment/rate brief, a tracking brief, an approval-gated rate-shopping workflow, and an always-approval label purchase workflow. Writes are limited to one address, parcel, shipment, label transaction, or refund at a time. The pack intentionally excludes carrier-account mutation, batches, pickups, manifests, customs write helpers, webhooks, OAuth/platform account management, arbitrary API passthrough, and credential-bearing arguments.

pack:shipposhipposhippingecommerce
by Recued CoreCertified v1 6 items Pack
Shopify Customer Reply Desk

Workflow pack for Shopify order customer replies. It composes the Shopify capability pack with Email / Outbox and the existing outbound response loop: read one order and its customer context, draft a grounded plain-text response, send only when send_reply is explicitly enabled so the mail-send approval boundary handles the customer-facing write, then watch the customer reply and surface actionable responses for owner follow-up or conversion. Shopify remains read-only in this workflow; it does not edit orders, fulfillments, products, prices, inventory, refunds, cancellations, notes, tags, arbitrary GraphQL, storefront buyer APIs, Shopify Inbox, Shop product reviews, or Shopify Flow automations.

pack:shopify-customer-reply-deskshopifycommerceorders
by Recued CoreCertified v1 6 items Pack
Commerce - Shopify

API capability pack for bounded Shopify Admin GraphQL operations over the 2026-04 Admin API. Enroll a shopify API connection with base_url set to the merchant shop host, for example https://example.myshopify.com; each operation posts to /admin/api/2026-04/graphql.json. The connection must carry a Shopify Admin API access token using Shopify's X-Shopify-Access-Token header. The pack reads shop metadata, products, product variants, inventory items and levels, customers, orders, fulfillments, and tracking details through fixed GraphQL documents. It also bundles a scheduled store operations digest, an AI-assisted order and fulfillment review brief, and approval-gated order triage update workflow. The bundled recipes only use order.note.update and order.tags.add as writes. It exposes only narrow approval-gated daily writes: turn a product on/off, rename a product, update one variant price, update an internal order note, and add/remove order tags. It does not expose arbitrary GraphQL, storefront buyer APIs, product creation, inventory edits, fulfillment creation or updates, refunds, cancellations, order edit sessions, webhooks, or app billing.

pack:shopifyshopifycommerceorders
by Recued CoreCertified v1 4 items Pack
Team Chat - Slack

API capability pack for bounded Slack Web API calls against https://slack.com/api only. Reads auth identity, users, conversations, members, channel history, thread replies, message permalinks, reactions, file metadata, bookmarks, and pinned items, and supports approval-gated message posting, thread replies, message updates, emoji reactions, bookmark creation, and message pinning. Bundles a scheduled channel activity digest, an AI-assisted thread brief, and an approval-gated channel update workflow. This is intended for daily personal, team, and one-person-company communication workflows: inspect channels, find people, summarize recent messages, reply in context, correct a sent bot/user message, save useful channel links, pin important messages, inspect shared file metadata, and acknowledge work with a reaction. Enroll a Slack bot or user token connection as bearer auth; no credential is embedded in the manifest. The pack intentionally excludes message deletes, channel create/archive/rename/topic/purpose changes, open/join/leave/invite/kick flows, file upload/download/delete, bookmark edit/remove, pin remove, user/admin/profile mutation, reminders, stars, workflow/view APIs, SCIM/Audit Logs/Admin APIs, search passthrough, and arbitrary Web API passthrough.

pack:slackslackchatmessages
by Recued CoreCertified v1 4 items Pack
Smartsheet Row Discussion Closure Loop

Workflow pack for Recued-created Smartsheet row discussions. It composes the Smartsheet capability pack with a closure ledger: create one owner-approved row-level discussion/comment on an existing Smartsheet row, persist only the connection/sheet/row/discussion linkage in data.shared, and let a scheduled watcher re-read that exact row until a configured status column reaches a terminal value. Terminal rows close the Recued row; unreadable rows remain open until a future watcher pass can prove terminal state. This pack does not replace Smartsheet discussions, comments, automations, update requests, reminders, notifications, reports, dashboards, sharing, attachments, proofs, or sheet permissions; it adds Recued-visible closure state for row discussions Recued created.

pack:smartsheet-row-discussion-closuresmartsheetsheetsrows
by Recued CoreCertified v1 2 items Pack
Work Management - Smartsheet

API capability pack for bounded Smartsheet REST API operations against https://api.smartsheet.com/2.0. Enroll a Smartsheet API or OAuth bearer connection named smartsheet with least-privilege read scopes plus WRITE_SHEETS only when approval-gated row or discussion writes are installed. The pack reads the current user, workspaces, workspace children, sheets, columns, rows, discussions, row discussions, reports, and report detail for portfolio review, sheet briefs, and collaboration workflows. It bundles a scheduled workspace portfolio digest, an AI-assisted sheet brief, and approval-gated workflows for adding rows, updating rows, and replying to discussions. Writes are limited to one sheet row batch or one discussion/comment target at a time. The pack intentionally excludes deletes, sharing and permission changes, imports, attachments and downloads, webhooks, group and user administration, copy or move operations, folder or workspace creation, send-email and update-request endpoints, automation mutation, proof mutation, favorites, token endpoints, and arbitrary Smartsheet API passthrough.

pack:smartsheetsmartsheetwork-managementproject-management
by Recued CoreCertified v1 6 items Pack
SMB Finance Starter - QuickBooks

One-install front door for a small business that keeps its own books on QuickBooks Online. Install this first: it lights up locally at cold start with first-run onboarding, a Recued-native setup profile, and a unified work queue that pulls inbound email, calendar, and follow-ups into one prioritized list, plus mail-attachment invoice intake that parses a received invoice/receipt with the docling document toolkit and stages the extracted fields preview-first. It deepens when you bind QuickBooks and a Google Drive receipts folder: the daily back-office becomes a live AR / overdue / cash-in cockpit, overdue-invoice-chase drafts one reminder per past-due customer and sends the owner-approved batch through the mail-send gate, and the Drive folder-watch lane stages each new document through the same docling parse. Born blocked, honestly: before the QuickBooks and Google Drive binds the local queue and mail-attachment intake still run, while the accounting and Drive lanes show "connect QuickBooks / Google Drive." Capability packs own the execution points and gates - every QuickBooks write (invoice/payment/refund/void) and every Google Drive folder write stays approval-gated in accounting-quickbooks and gdrive, and customer email only ever sends owner-approved. This pack owns the working operating model; the capability packs own the money and the actuation. Shipped pinned to QuickBooks; collapses to the vendor-agnostic smb-finance-starter once Xero lands.

pack:smb-finance-startersoloone-person-companycold-start
by Recued CoreCertified v1 6 items Pack
SMB Finance Starter - Xero

One-install front door for a small business that keeps its own books on Xero. Install this first: it lights up locally at cold start with first-run onboarding, a Recued-native setup profile, and a unified work queue that pulls inbound email, calendar, and follow-ups into one prioritized list, plus mail-attachment invoice intake that parses a received invoice/receipt with the docling document toolkit and stages the extracted fields preview-first. It deepens when you bind Xero and a Google Drive receipts folder: the daily back-office becomes a live AR / overdue / cash-in cockpit, overdue-invoice-chase drafts one reminder per past-due customer and sends the owner-approved batch through the mail-send gate, and the Drive folder-watch lane stages each new document through the same docling parse. Born blocked, honestly: before the Xero and Google Drive binds the local queue and mail-attachment intake still run, while the accounting and Drive lanes show "connect Xero / Google Drive." Capability packs own the execution points and gates - every Xero write (invoice/payment/refund/void) and every Google Drive folder write stays approval-gated in accounting-quickbooks and gdrive, and customer email only ever sends owner-approved. This pack owns the working operating model; the capability packs own the money and the actuation. Shipped pinned to Xero; collapses to the vendor-agnostic smb-finance-starter once Xero lands.

pack:smb-finance-startersoloone-person-companycold-start
by Recued CoreCertified v1 6 items Pack
SMB Invoice Intake

Vendor-neutral document-intake pack for a small business that keeps its own books. The two recipes parse received invoices/receipts and stage the extracted fields, with no accounting-vendor binding of their own: invoice-intake-organizer parses one received document with the docling toolkit and stages the extracted fields (preview-first); invoice-intake-watch polls a Google Drive folder for new documents and stages each through the same docling parse (download straight into the warehouse CAS as a file_ref, no bytes through op-step values). The accounting reporting workflows (overdue-invoice-chase, accounting-daily-back-office) moved to the accounting capability packs (accounting-quickbooks / accounting-xero) where they resolve their canonical op-steps against the bound vendor — install one of those for the AR / overdue / cash-in side. Bind the Google Drive connection once and assign each recipe a dish.

pack:smb-invoice-financesoloone-person-companycold-start
by Recued CoreCertified v1 2 items Pack
Security Posture - Snyk

API capability pack for bounded Snyk REST API reads against https://api.snyk.io/rest only, pinned with version=2024-10-15 on every operation. Enroll a Snyk connection named snyk that injects Authorization with either the documented token header or bearer auth; no credential is embedded in this manifest. The pack reads groups, organizations, projects, issues, targets, collections, and inventory assets for security posture review, vulnerability triage, asset inventory, and developer remediation planning. It bundles a scheduled security posture digest and an AI-assisted issue investigation brief. This slice is read-only: it intentionally excludes deletes, ignore/resolution mutation, project/target/collection mutation, invite and membership administration, app secrets, service account secrets, SSO, settings, policy mutation, export jobs, SBOM uploads/tests, package issue POST queries, and arbitrary Snyk API passthrough.

pack:snyksnyksecurityvulnerabilities
by Recued CoreCertified v1 3 items Pack
Solo Business Starter - HubSpot + Stripe

End-to-end one-person-company starter pack. Install this first when the business runs on HubSpot, Stripe, email, calendar, and reception: it gives the owner first-run onboarding, a Recued-native setup profile, a unified work queue, weekly owner review, customer support reply desk, outbound follow-up loop, daily command center, inbound mail triage, task and commitment extraction, meeting context, CRM pipeline views, CRM maintenance writes, HubSpot engagement alerts, Stripe billing back-office workflows, and the Stripe money capability under the same install story. Capability packs own execution points and gates; this pack owns the working operating model.

pack:solo-business-startersoloone-person-companycold-start
by Recued CoreCertified v1 42 items Pack
Solo Command Center

Pick this for the daily cockpit: a set of cards — today's schedule, open commitments, stalled projects, recent notes, inbound-mail triage, and meeting prep — built over your own tasks, notes, and contacts. No external CRM, billing, or GitHub account is set up here; add those with sibling packs when you need them. Choosing between the solo desks? Solo Discipline Loop installs these same cards plus an email outbox so replies and sends work end to end; Solo Work Queue shows everything as one merged list instead of separate cards. Start here if you want the daily view and will connect mail later.

pack:solo-command-centersoloone-person-companycold-start
by Recued CoreCertified v1 6 items Pack
Solo Developer Workbench

One-person-company developer pack for founders and indie hackers whose work arrives as GitHub issues plus mail. It installs the GitHub-to-Codex background workflow and the personal work queue views that make those runs visible alongside ordinary commitments.

pack:solo-developer-workbenchsoloone-person-companycold-start
by Recued CoreCertified v1 8 items Pack
Solo Discipline Loop

Pick this for a self-contained operating system with no external vendor account: everything in Solo Command Center (today's schedule, open commitments, stalled projects, recent notes, meeting prep) plus an email outbox, so inbound mail is captured into tasks and commitments and replies can be sent. Built entirely on Recued's own tasks, notes, and contacts — add a CRM, billing, or GitHub pack later when the business needs vendor depth. If you don't need the mail outbox yet, Solo Command Center installs the same daily cards without it.

pack:solo-discipline-loopsoloone-person-companycold-start
by Recued CoreCertified v1 6 items Pack
Onboarding / First-Run Setup

Preview-first onboarding pack for a one-person company. It captures the owner's operating profile, shows the setup checklist, and can seed Recued-native notes, projects, tasks, and a weekly review commitment when the owner explicitly switches write_mode to create.

pack:solo-first-run-setupsoloone-person-companycold-start
by Recued CoreCertified v1 2 items Pack
Solo Front Desk

Pick this if customers reach you while you're heads-down on other work: a front desk that takes in requests through a Reception form and your inbox, holds every submission for your review instead of acting on its own, sorts mail into action vs. noise, and turns the requests you accept into commitments or tasks — so nothing becomes another inbox to babysit.

pack:solo-front-desksoloone-person-companycold-start
by Recued CoreCertified v1 2 items Pack
Solo Revenue Back Office - HubSpot

One-person-company revenue pack for a HubSpot-backed business with Stripe billing. It turns the CRM and billing capability packs into a daily operating surface: open pipeline, forecast, top deals, contacts needing cleanup, CRM maintenance writes, account summaries, engagement alerts, invoice recovery exceptions, payment exceptions, and customer billing cleanup.

pack:solo-revenue-back-officesoloone-person-companycold-start
by Recued CoreCertified v1 19 items Pack
Solo Revenue Back Office - Salesforce

One-person-company revenue pack for a Salesforce-backed business with Stripe billing. It installs the same daily operating surface as the HubSpot variant over Salesforce and Stripe capability packs: open pipeline, forecast, top opportunities, contact cleanup, CRM maintenance writes, account summaries, engagement alerts, invoice recovery exceptions, payment exceptions, and customer billing cleanup.

pack:solo-revenue-back-officesoloone-person-companycold-start
by Recued CoreCertified v1 18 items Pack
stat Pack

V3 deterministic filesystem metadata capability pack for BSD/macOS stat syntax. By-value connector composition (service_kind=cli, no separate ingredient): one local stat CLI ingredient exposes bounded read-only file metadata for one trusted local path using built-in stat output modes: default, raw numeric, shell-variable, verbose, and ls-style long format. The operations return stat metadata only; they do not return file content, follow symlinks via -L, canonicalize paths, recurse directories, read stdin, accept file lists, expose arbitrary stat formats, write files, or use a shell wrapper. Editable paths reject flag-like values, URL-like references, and scp-style remotes. Requires a BSD-compatible stat on PATH (macOS / FreeBSD option set). Local and no-egress.

pack:statstatclifilesystem
by Recued CoreCertified v1 1 item Pack
Solo Work Queue

Pick this if you want one prioritized list instead of separate cards: a single work queue that automatically pulls inbound email, calendar activity, and contact follow-ups into tasks, commitments, and reminders, so everything needing attention shows up in one place. It is the queue-first way to start the back office — add external CRM, billing, GitHub, and approval lanes with sibling capability packs. Prefer a dashboard of separate daily cards (today, commitments, stalled projects, notes)? Choose Solo Command Center or Solo Discipline Loop instead.

pack:solo-work-queuesoloone-person-companycold-start
by Recued CoreCertified v1 2 items Pack
SoX Pack

V3 deterministic audio-transform capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local SoX CLI exposes readiness, local audio header inspection, duration probing, ASR-friendly WAV conversion, normalized ASR-friendly WAV conversion, telephony WAV conversion, and fixed 30-second preview WAV extraction. Fixed-function and reproducible: conversion happens locally before any model sees the audio. Write-tier operations write only to an engine-managed throwaway output dir and captured WAVs are surfaced as result.file_ref; downstream audio.transcribe / ai-* steps consume them through Gateway-gated file refs. The transform source can be a data.file ref or a trusted local path; path-based inspection ops return stdout text and intentionally do not materialize file_ref input. The pack exposes no arbitrary SoX effects, effect files, combiner modes, playback/recording devices, shell wrapper, stdin/stdout audio pipes, caller-controlled output path, environment override, or network egress. Requires the sox binary and relevant codec support on PATH (Debian/Ubuntu: apt install sox; macOS: brew install sox).

pack:soxsoxcliaudio
by Recued CoreCertified v1 1 item Pack
SQLite3 Read-Only Pack

V3 guarded local SQLite read capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local sqlite3 CLI ingredient exposes bounded operations for readiness, schema inspection, table/object inventory, file/page stats, attached database listing, integrity checks, quick checks, foreign-key violation counts, and read-only SQL reports. Bundles a manual read-only query report and a scheduled query-result watch so users can turn local app/business SQLite files into dashboards and alerts. Database operations use sqlite3 safe mode, read-only open mode, JSON output, and PRAGMA query_only=ON; approval is ask because schema, health, and query output can reveal local database contents and arbitrary SELECT text can still be expensive. Requires sqlite3 on PATH (Debian/Ubuntu: apt install sqlite3; macOS: sqlite3 is commonly installed with system tools). Local and no-egress.

pack:sqlite3sqlite3clisqlite
by Recued CoreCertified v1 3 items Pack
Commerce & Payments - Square

API capability pack for bounded Square operations against https://connect.squareup.com using Square API version 2026-05-20. Enroll a square API connection as OAuth bearer auth or access-token bearer auth; no credential is embedded in the manifest. The pack reads locations, customers, payments, refunds, orders, invoices, payouts, payout entries, and catalog objects for daily sales, billing, and bank reconciliation, and approval-gates customer profile create/update for everyday customer-list maintenance. It intentionally does not expose payment creation/capture/cancel/complete, refund creation, order pay, invoice creation/publish/cancel/delete, catalog writes, customer delete, webhooks, devices, payout initiation, bank accounts, loyalty writes, or arbitrary API passthrough.

pack:squaresquarecommercepayments
by Recued CoreCertified v1 1 item Pack
Commerce - Squarespace

API capability pack for bounded Squarespace Commerce REST operations against https://api.squarespace.com only. Reads the authorized member, website profile, store pages, orders, products, product image processing status, inventory, contacts, address books, contact transaction summaries, profiles, webhook subscriptions, and transaction documents for daily solo-business storefront operations. Writes are approval-gated and limited to order fulfillment, inventory adjustment with caller-supplied Idempotency-Key, product create/update, product variant create/update, product image alt/order updates, contact create/update, and contact address create/replace using documented Squarespace request bodies. Enroll a Squarespace API key or OAuth bearer-token connection named squarespace; no credential is embedded in the manifest. The connection needs the relevant Squarespace Commerce API key permissions or OAuth scopes such as website.orders.read, website.orders, website.products.read, website.products, website.inventory.read, website.inventory, website.contacts.read, website.contacts, website.profiles.read, and website.transactions.read. The pack intentionally excludes deletes, order creation/import, refunds/payment mutation, profile mutation, webhook subscription mutation/secret rotation/test delivery, OAuth token exchange, arbitrary endpoint passthrough, and any endpoint outside api.squarespace.com.

pack:squarespacesquarespacecommercestorefront
by Recued CoreCertified v1 7 items Pack
Incident Communications - Statuspage

API capability pack for bounded Atlassian Statuspage Manage API calls against https://api.statuspage.io/v1 only. Reads pages, components, component groups, component uptime, incidents, unresolved incidents, scheduled incidents, upcoming incidents, and active maintenance, and supports approval-gated incident creation, incident updates, and component status updates. Bundles a scheduled component health digest, an AI-assisted incident brief, and approval-gated workflows for creating an incident, updating a component status, and updating an incident status. Enroll a Statuspage header-auth connection named statuspage that injects Authorization: OAuth <api-key>. The pack intentionally excludes page configuration mutation, component create/delete, component-group mutation, subscriber mutation, page-access users/groups, incident deletion, postmortem publish/revert/delete, metric mutation, organization/user/permission APIs, SCIM, and arbitrary API passthrough.

pack:statuspagestatuspageincidentsstatus
by Recued CoreCertified v1 6 items Pack
Billing & Invoicing - Stripe

V3 Stripe capability pack for the Billing & Invoicing flagship. It declares canonical billing operations over Stripe balances, balance transactions, payments, invoices, invoice items, customers, subscriptions, products, prices, refunds, and payouts. Reads flow after connection grant; invoice/customer/invoice-item writes ask; refunds, invoice voids, subscription cancels, and payout creation are destructive/always-ask so money movement never rides a session grant.

pack:billing-stripebillinginvoicingpayments
by Recued CoreCertified v1 1 item Pack
Backend Platform - Supabase

API capability pack for bounded Supabase Management API v1 operations against https://api.supabase.com. Enroll a supabase bearer-token connection backed by a personal access token or OAuth token; no credential is embedded in the manifest. The pack reads profile, organizations, organization members and entitlements, projects, available regions, service health, restore-version metadata, Postgres upgrade status, performance/security advisor lints, usage aggregates, SQL snippets, migration and backup metadata, Postgres configuration, SSL enforcement, readonly status, database metadata/OpenAPI, preview branches and action runs/logs, domain configuration, Edge Function metadata, storage buckets, third-party auth and SSO provider metadata, and realtime configuration. Approval-gated writes are limited to project pause/restart, custom-hostname reverify/activate, vanity subdomain check/activate/deactivate, and preview-branch create/update/merge/delete. The pack intentionally excludes project create/delete/transfer/upgrade, raw SQL read/write query, analytics SQL log query endpoints, API-key and signing-key reads/writes, OAuth token exchange/revoke, billing/addons, database credentials/connection-string reads, auth provider secret config reads/writes, PostgREST JWT-secret reads, Edge Function body reads and deploy uploads, arbitrary migration/rollback/PITR execution, database password and pooler mutation, network restriction mutation, JIT access, read replicas, log drains, secret reads/writes, storage external-provider mutation, and arbitrary API passthrough.

pack:supabasesupabasebackenddatabase
by Recued CoreCertified v1 1 item Pack
Survey Operations - SurveyMonkey

API capability pack for bounded SurveyMonkey API v3 operations against https://api.surveymonkey.com/v3. Enroll a SurveyMonkey OAuth bearer connection named surveymonkey with least-privilege read scopes plus collectors_write only when outreach writes are installed. The pack reads the current user, surveys, survey details, pages, questions, collectors, collector stats, messages, message stats, recipients, full survey responses, response details, rollups, and trends for customer research, employee feedback, NPS, and marketing research workflows. It bundles a scheduled survey response digest, AI-assisted response and collector/message briefs, and approval-gated workflows for creating a web collector, creating an invite message, adding one recipient, and sending or scheduling one message. The pack intentionally excludes survey/page/question mutation, response mutation, deletes, webhooks, contact-list bulk imports, recipient bulk uploads, file downloads from response attachments, benchmark analysis, organizations/groups/workgroups/roles administration, library administration, OAuth token endpoints, and arbitrary SurveyMonkey API passthrough.

pack:surveymonkeysurveymonkeysurveysresponses
by Recued CoreCertified v1 8 items Pack
Syft Pack

V3 deterministic local SBOM capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local syft CLI ingredient exposes bounded project operations for readiness and CycloneDX JSON SBOM generation. The scan runs from an explicit project directory cwd supplied at execution time, scans one trusted local target directory, and writes a CycloneDX JSON software bill of materials via the software.sbom_cyclonedx catalog operation. Fixed-function and reproducible: no container registry pulls, no login, no attestation upload, no caller-supplied config/template path, no arbitrary syft flags, no shell wrapper, and no network egress. The SBOM is captured as result.file_ref instead of stdout so large dependency metadata stays behind the Gateway-gated file-ref boundary. Requires syft on PATH (macOS: brew install syft; Linux: install the Anchore syft binary). Local and no-egress.

pack:syftsyftsbomcyclonedx
by Recued CoreCertified v1 1 item Pack
TAR Pack

V3 deterministic TAR archive capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local tar CLI exposes readiness, member listing, single-file TAR creation, and extraction of one requested TAR member via fixed catalog operations. Listing is read-only and works for tar plus common compressed tar archives supported by the installed tar. File-output operations materialize the source file/archive and write exactly one result file under an engine-managed output directory; these create/extract operations require GNU-compatible --transform support because the pack strips source/extracted path components with a fixed transform. Write-tier but approval=never: tar writes only to an engine-managed output dir, disables owner/permission restoration during extraction, and exposes no arbitrary flags, recursive extraction, overwrite target, file-list, remote, or compression-program surface. Requires tar on PATH with GNU-compatible transform support for file-output operations (Debian/Ubuntu: tar is commonly installed; macOS system bsdtar supports the new list operations but not the existing --transform file-output ops). Local and no-egress.

pack:tartarcliarchive
by Recued CoreCertified v1 1 item Pack
Team Chat - Microsoft Teams

API capability pack for bounded Microsoft Teams operations through Microsoft Graph at https://graph.microsoft.com/v1.0 only. Enroll a Microsoft Graph OAuth access token connection named microsoft. The pack reads the current user, joined teams, teams, team members, channels, channel members, channel tabs, enabled apps, installed apps, channel messages and replies, chats, chat members, chat tabs, chat installed apps, pinned chat messages, chat messages, and chat replies. Bundles a scheduled channel activity digest, an AI-assisted channel thread brief, and an approval-gated channel update workflow. Writes are approval-gated and limited to sending a single channel/chat message or reply, or setting/removing one message reaction. It intentionally excludes Teams admin endpoints, app install/update/delete, member add/remove, team/channel/chat creation, tabs mutation, deletes/soft-deletes, message edits, pin/unpin, hosted-content binary reads, activity notifications, migration endpoints, permission grants, calendar/file surfaces already covered by calendar/OneDrive/SharePoint packs, and arbitrary Microsoft Graph passthrough.

pack:teamsmicrosoft-teamsmicrosoft-graphchat
by Recued CoreCertified v1 4 items Pack
Terraform Pack

V3 Terraform CLI capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local terraform CLI ingredient exposes bounded infrastructure-as-code operations for readiness, recursive format checking, and configuration validation. Project operations run from an explicit Terraform working directory cwd supplied at execution time, use Terraform's built-in machine-readable diagnostics where available, avoid caller-supplied Terraform flags, avoid shell wrappers, and never expose plan, apply, destroy, state, import, workspace, init, provider installation, module download, variable files, backend mutation, or arbitrary command execution. Format checking is read-only. Validation is approval-gated because Terraform may execute installed provider plugins while loading provider schemas. Requires terraform on PATH and an already initialized working directory when provider schemas are needed.

pack:terraformterraformiacinfrastructure
by Recued CoreCertified v1 1 item Pack
Tesseract OCR Pack

V3 deterministic image-OCR capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local tesseract CLI ingredient exposes bounded operations for readiness, installed language discovery, plain-text OCR, and TSV OCR with word boxes/confidence. Fixed-function and reproducible: OCR happens locally before any model sees the image, no caller-supplied Tesseract config files, no user words/patterns, no tessdata path override, no arbitrary flags, no stdin, and no shell wrapper. OCR outputs are faithful local file writes into engine-managed throwaway temp dirs, captured as result.file_ref, and consumed by downstream ai-* steps through Gateway-gated file refs. The source can be a data.file ref or a trusted local path. Requires the tesseract binary and requested language data on PATH (Debian/Ubuntu: apt install tesseract-ocr tesseract-ocr-eng; macOS: brew install tesseract). Local and no-egress, but image decoding still depends on Leptonica/Tesseract format parsers; prefer file_ref sources and keep the OCR stack patched.

pack:tesseracttesseractcliocr
by Recued CoreCertified v1 1 item Pack
HTML Tidy Pack

V3 deterministic HTML cleanup and conversion capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local HTML Tidy CLI ingredient exposes readiness plus fixed HTML formatting and XHTML conversion operations. Fixed-function and reproducible: the executor materializes the source HTML and owns the throwaway output directory, while tidy writes fixed result files that are captured as result.file_ref. Write-tier but approval=never: tidy writes only to an engine-managed output dir, exposes no arbitrary flags or config file, and never streams source bytes through op-step values. Requires the tidy binary on PATH (Debian/Ubuntu: apt install tidy; macOS: brew install tidy-html5). Local and no-egress.

pack:tidytidyhtmlformat
by Recued CoreCertified v1 1 item Pack
Todoist Task Closure Loop

Workflow pack for Recued-created Todoist tasks. It composes the Todoist capability pack with a closure ledger: create one owner-approved task, optionally in one live Todoist project, persist only the connection/task/project linkage in data.shared, and let a scheduled watcher re-read that exact task until Todoist reports it checked, completed, or deleted. Completion closes the Recued row; deletion marks it for owner review instead of silently treating it as done. This pack does not replace Todoist due dates, reminders, filters, labels, sections, projects, recurring-task behavior, templates, automations, webhooks, native task completion controls, or general task reporting; it adds Recued-visible closure state for Todoist tasks Recued created.

pack:todoist-task-closuretodoisttasksprojects
by Recued CoreCertified v1 2 items Pack
Messaging - Twilio

API capability pack for bounded Twilio communications, account health, and usage reads against https://api.twilio.com only. The pack exposes account and balance reads, SMS/MMS message search/read, message-media search/read, voice call search/read, recording metadata search/read, owned phone-number inventory, usage summaries and common usage rollup windows, plus usage-trigger reads through Twilio's 2010-04-01 REST API. Enroll a Twilio API connection as basic auth with Account SID as username and Auth Token as password; no credential is embedded in the manifest. Message/call sending, number provisioning, phone-number configuration edits, account list/create/update, usage-trigger create/update/delete, deletes, recording or media binary fetches, and arbitrary Twilio endpoints are intentionally not exposed.

pack:twiliotwiliosmsmms
by Recued CoreCertified v1 1 item Pack
Todoist Task Comment Closure Loop

Workflow pack for Recued-created Todoist task comments. It composes the Todoist capability pack with a closure ledger: add one owner-approved comment to an existing Todoist task, persist only the connection/task/comment linkage in data.shared, and let a scheduled watcher re-read that exact task and comment until Todoist reports the task checked, completed, deleted, or the comment deleted. Completion closes the Recued row; deletion marks it for owner review instead of silently treating it as done. This pack does not replace Todoist comments, native notifications, task completion controls, reminders, filters, labels, sections, projects, recurring-task behavior, templates, automations, webhooks, or general task reporting; it adds Recued-visible closure state for task comments Recued created.

pack:todoist-task-comment-closuretodoisttaskscomments
by Recued CoreCertified v1 2 items Pack
Tasks - Todoist

API capability pack for bounded Todoist API v1 operations against https://api.todoist.com only. Reads active tasks, fixed daily task views (today, overdue, upcoming, no-date, priority-1), flexible filtered task views, projects, sections, labels, and comments, and supports approval-gated task creation, metadata updates, moves, close/reopen actions, and comment creation. Bundles a scheduled daily task digest, an AI-assisted task/project brief, and an approval-gated task intake workflow. This is intended for daily personal and one-person-company task capture, triage, follow-up, and project review workflows. Enroll a Todoist personal token or OAuth access token connection as bearer auth; no credential is embedded in the manifest. The pack intentionally excludes deletes, bulk operations, project/section/label mutation, reminders, file uploads, collaboration/admin settings, templates/import/export, webhooks, arbitrary sync commands, and arbitrary API passthrough.

pack:todoisttodoisttasksprojects
by Recued CoreCertified v1 4 items Pack
Open Model Inference - Together AI

API capability pack for bounded Together AI REST API operations against https://api.together.ai/v1 only. Enroll a Together AI bearer API-key connection named togetherai; no credential is embedded in this manifest. The pack reads the model catalog, creates non-streaming chat completions, legacy text completions, embeddings, rerank responses, prompt-only image generations, and reads deployment, deployment-log, and hardware inventory for open-model inference, RAG preparation, relevance review, image ideation, model selection, and dedicated-capacity operations. Generation, embedding, rerank, and image calls are read-tier inference calls that consume Together AI quota but do not create durable customer resources through this pack. The pack intentionally excludes streaming, tool/function calling, arbitrary extra request fields, OpenAI Assistants/Threads/Runs, file upload/download/delete, batches, audio speech/transcription/translation, video generation, image edits/inpainting/reference images/image LoRAs, disable_safety_checker, model upload, fine-tune job mutation, deployment create/update/delete, endpoint/secret/storage mutation, code interpreter/sandbox APIs, external base URLs, custom host switching, and arbitrary Together AI API passthrough.

pack:togetheraitogetheraiaillm
by Recued CoreCertified v1 5 items Pack
Time Tracking - Toggl Track

API capability pack for bounded Toggl Track API v9 operations against https://api.track.toggl.com/api/v9 only. Reads the current user, workspaces, clients, projects, tasks, and time entries for daily solo-business time tracking. Writes cover approval-gated client, project, task, and time-entry create/update/stop operations for ordinary timesheet setup and cleanup. Enroll a Toggl Track API connection as HTTP Basic auth using the email/username and API token/password pair documented by Toggl; no credential is embedded in the manifest. The pack intentionally excludes account/profile edits, workspace settings, organizations, users, groups, billing, invoices, expenses, reports, reminders, webhooks, deletes, archive/restore endpoints, bulk edits, imports, exports, sharing management, approvals, and arbitrary API passthrough.

pack:toggltoggltoggl-tracktime-tracking
by Recued CoreCertified v1 1 item Pack
Tokei Pack

V3 deterministic codebase language statistics capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local tokei CLI counts files, lines, code, comments, and blanks for one trusted local source tree and returns aggregate JSON via the codebase.language_stats catalog operation. Fixed-function and reproducible: no arbitrary tokei flags, no previous-run input file, no per-file path listing, no hidden-file override, no ignore-file bypass, no shell wrapper, and no network egress. Requires tokei on PATH (macOS: brew install tokei; Rust environments: cargo install tokei). Local and no-egress.

pack:tokeitokeicode-statslanguage-stats
by Recued CoreCertified v1 1 item Pack
Trello Card Closure Loop

Workflow pack for Recued-created Trello cards. It composes the Trello capability pack with a closure ledger: create one owner-approved card in one live Trello list, persist only the connection/board/list/card linkage in data.shared, and let a scheduled watcher re-read that exact card until Trello reports it archived, due-complete, or in a configured terminal list. This pack does not replace Trello card archive controls, due-complete controls, list workflows, board views, reminders, Butler automation, native notifications, webhooks, comments, checklists, member assignment, labels, attachments, or general project reporting; it adds Recued-visible closure state for Trello cards Recued created.

pack:trello-card-closuretrellocardsproject-management
by Recued CoreCertified v1 2 items Pack
Trello Card Comment Closure Loop

Workflow pack for Recued-created Trello card comments. It composes the Trello capability pack with a closure ledger: add one owner-approved comment to an existing Trello card, persist only the connection/card/comment linkage in data.shared, and let a scheduled watcher re-read that exact card until Trello reports it archived, due-complete, or in a configured terminal list. This pack does not replace Trello card comments, native notifications, card archive or due-complete controls, board views, reminders, Butler automation, webhooks, or general project reporting; it adds Recued-visible closure state for card comments Recued created.

pack:trello-card-comment-closuretrellocardscomments
by Recued CoreCertified v1 2 items Pack
Project Boards - Trello

API capability pack for bounded Trello REST API v1 operations against https://api.trello.com only. Reads the current member, boards, workspaces, lists, cards, actions/comments, labels, checklists, check items, attachments, custom fields, members, search results, and webhooks for practical project and personal operations. Bundles a scheduled board activity digest, an AI-assisted card review brief, and an approval-gated card intake workflow. Writes cover approval-gated daily work: create/update/archive boards and lists, create/update/archive cards, move cards, assign members, set labels, add/update/delete comments, add URL attachments, create/update checklists and check items, update card custom-field values, create/update labels, and create/update/delete webhooks. Enroll a Trello API connection that injects the API key and token query parameters documented by Trello; no credential is embedded in this manifest. The pack intentionally excludes enterprise/admin endpoints, Power-Up/plugin management, token introspection that requires the raw token in the URL, batch passthrough, arbitrary API passthrough, file upload attachment bodies, voting/stickers, and destructive board/list deletion beyond Trello's archive/close model.

pack:trellotrelloproject-managementboards
by Recued CoreCertified v1 4 items Pack
Trivy Pack

V3 local filesystem security capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local trivy CLI ingredient exposes bounded project operations for readiness, dependency/IaC security scanning, and CycloneDX SBOM generation. Operations accept one trusted filesystem target, avoid caller-supplied Trivy flags, avoid shell wrappers, and keep findings or SBOM output as JSON. Security scans use filesystem target mode, vuln+misconfig scanners only, JSON output, and no output file; they expose no container image scan, Kubernetes scan, repo clone, server/client mode, secret scanning, license-policy scan, caller-supplied config/check/template/VEX/ignorefile paths, registry credentials, module/plugin actions, or arbitrary command execution. Approval is ask because Trivy may update vulnerability and check databases before scanning. Requires trivy on PATH. Network egress may occur for Trivy database/check updates.

pack:trivytrivyvulnerabilitymisconfiguration
by Recued CoreCertified v1 1 item Pack
TruffleHog Pack

V3 local secret-discovery capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local trufflehog CLI ingredient exposes bounded operations for readiness, filesystem secret scans, and local Git-history secret scans. Filesystem scans accept one trusted file or directory and Git scans run from an explicit project directory cwd against file://.; both return JSONL findings. Fixed-function and reproducible at the invocation boundary: JSON output, no verification/API login checks, no update check, no GitHub/GitLab/cloud/container/CI/Elasticsearch/Jenkins/Postman sources, no caller-supplied config, no custom verifier endpoints, no detector include/exclude lists, no archive expansion, no output-file write, no stdin, no arbitrary flags, and no shell wrapper. Findings use TruffleHog's --fail exit code and are represented as successful JSONL output; real scan errors still fail. Requires trufflehog on PATH. Local and no-egress when used with --no-verification and --no-update.

pack:trufflehogtrufflehogclisecurity
by Recued CoreCertified v1 1 item Pack
Forms - Typeform

API capability pack for bounded Typeform API operations against https://api.typeform.com only. Reads workspaces, forms, form copy and translation payloads, submitted and partial form responses, image/theme inventory, and webhook configuration for lead intake, customer feedback, surveys, and lightweight support handoff workflows. Enroll a Typeform personal access token or OAuth access token connection as bearer auth; no credential is embedded in the manifest. The pack can approval-gate creating one form from explicit fields/settings and create/update one webhook destination for practical intake automation. It intentionally excludes form full update/delete, response deletion, webhook deletion, webhook signing-secret setting or rotation, image/theme mutation or upload/delete, workspace member changes, and arbitrary API passthrough.

pack:typeformtypeformformsresponses
by Recued CoreCertified v1 1 item Pack
TypeScript Pack

V3 TypeScript compiler capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local tsc CLI ingredient exposes bounded project operations for readiness and TypeScript type-check diagnostics. Type-checking runs from an explicit project directory cwd supplied at execution time, uses one tsconfig path, disables emit, disables incremental state writes, disables pretty/ANSI output, avoids caller-supplied compiler flags, avoids shell wrappers, and keeps type errors visible as text output. The pack exposes no watch mode, build mode, JavaScript/declaration emit, plugin installation, package manager invocation, stdin, environment override, or arbitrary command execution. Requires tsc on PATH. Local and no-egress.

pack:typescripttypescripttsctype-check
by Recued CoreCertified v1 1 item Pack
Unzip Pack

V3 deterministic ZIP archive capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local unzip CLI exposes readiness, archive listing, verbose metadata listing, CRC integrity testing, and extraction of one requested ZIP entry into an engine-managed output directory. Read operations are path-based because member names, metadata, and test diagnostics are stdout value output. Extraction materializes the source ZIP and writes only under an engine-managed output directory, while -j strips archive paths from the extracted filename. Fixed-function and reproducible: no recursive all-entry extraction, overwrite target, password, text conversion, archive mutation, wildcard expansion knobs, caller-chosen filesystem target, or arbitrary unzip flags. Requires unzip on PATH (Debian/Ubuntu: apt install unzip; macOS: unzip is commonly installed with system tools). Local and no-egress.

pack:unzipunzipclizip
by Recued CoreCertified v1 1 item Pack
uv Pack

V3 Astral uv Python toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local uv CLI ingredient exposes bounded project operations for readiness, lockfile freshness checks, dependency tree inspection, requirements export, CycloneDX SBOM generation, dependency vulnerability audit, and pytest execution through uv. Project operations run from an explicit project directory cwd supplied at execution time through the native cli_invocation cwd field, avoid caller-supplied uv flags, avoid shell wrappers, and keep diagnostics visible as text or JSON output. Lock, tree, and export operations use locked/check/offline/no-Python-download modes and never write the lockfile or sync the environment. Dependency audit is approval-gated because package inventory is sent to the fixed OSV advisory service. Test execution is approval-gated because pytest imports and executes project code in the discovered uv environment. Requires uv on PATH.

pack:uvuvastralpython
by Recued CoreCertified v1 1 item Pack
Deployment Incident Loop - Vercel + Statuspage

Workflow pack that closes the loop between Vercel production deployment failures and owner-reviewed Statuspage incident communication. It depends on the Vercel and Statuspage capability packs, detects one unhandled failed production deployment at a time, writes a data.shared proposal, notifies the owner, and provides a manual action recipe that either creates the Statuspage incident and links it back to the Vercel deployment or dismisses the proposal when no customer-facing incident is needed. It does not duplicate Vercel's native deployment notifications, rollback controls, or webhooks; those stay in Vercel. It also does not auto-publish customer-facing Statuspage updates from unattended automation.

pack:vercel-statuspage-incidentvercelstatuspagedeployments
by Recued CoreCertified v1 1 item Pack
Deployments - Vercel

API capability pack for bounded Vercel REST API calls against https://api.vercel.com only. Reads identity, teams, projects, deployments, deployment events, aliases, project domains, and project environment-variable metadata for daily solo-developer and small-business release operations. Approval-gates deployment cancel/promote/rollback, project pause/unpause, project-domain add/verify/remove, and one project environment-variable create/update/remove. Enroll a Vercel bearer-token connection named vercel; no credential is embedded in the manifest. Environment reads pin decrypt=false and do not project secret values. The pack intentionally excludes deployment creation/file upload, deployment file-content reads, DNS record mutation, domain purchases/transfers/registrar changes, project deletion, team membership mutation, token management, billing, webhooks, log drains, arbitrary feature-flag management, arbitrary project settings, and arbitrary API passthrough.

pack:vercelverceldeploymentsprojects
by Recued CoreCertified v1 7 items Pack
Vips Pack

V3 deterministic image-transform capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local libvips CLI ingredient exposes readiness, thumbnails, resize, PNG conversion, metadata-stripped optimized JPEG export, and WebP export via fixed catalog operations. Write-tier but approval=never: vips writes only to an engine-managed throwaway output dir and each result is captured as result.file_ref; image bytes never flow through stdout values. The output format is selected from fixed file suffixes and bounded save options, never from caller-supplied filenames or arbitrary vips flags. Requires vips on PATH (Debian/Ubuntu: apt install libvips-tools; macOS: brew install vips). Local and no-egress. Use this pack for fast local image normalization and web-ready derivatives; use specialized optimizers such as jpegoptim/oxipng when the workflow must preserve the source format exactly.

pack:vipsvipslibvipscli
by Recued CoreCertified v1 1 item Pack
Vitest Pack

V3 JavaScript/TypeScript test-run capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local vitest CLI runs one trusted test file, directory filter, or filename:line filter from an explicit project directory cwd and returns plain test output via the javascript.test_run catalog operation. Fixed invocation, but approval-gated: Vitest loads project Vite/Vitest config and executes test, setup, transform, and dependency code, so the run may write caches or project state depending on the project. The pack uses single-run mode, the built-in default reporter, colors disabled, coverage/browser/UI/snapshot-update surfaces disabled, no custom config/root/project/reporter/output-file/watch/debug/list/cache-clear/MCP-like server/browser/shard/changed/typecheck/filter-expression/stdin/shell surface, and a target validation pattern that rejects leading-dash values so the editable target cannot become a Vitest flag. Test failures and no-tests-found outcomes are represented as successful text output; the runner output remains authoritative for distinguishing assertion failures from configuration/runtime errors. Requires vitest on PATH.

pack:vitestvitestjavascripttypescript
by Recued CoreCertified v1 1 item Pack
Wave Invoice Reminder Exception

Workflow pack for Wave invoice-reminder exceptions. It adds a collections brief, an owner-approved Wave invoice email for cases native reminders cannot cover, and a scheduled watcher that closes the shared lifecycle when Wave reports the invoice paid or resolved. It depends on the Wave capability pack and does not create or edit invoices, record payments, change customers, or replace Wave native reminders.

pack:wave-invoice-reminder-exceptionwaveinvoicescollections
by Recued CoreCertified v1 2 items Pack
Accounting - Wave

API capability pack for bounded Wave Accounting GraphQL operations against https://gql.waveapps.com only. Reads the authenticated user, setup constants, businesses, customers, products/services, invoices, invoice payments, chart-of-account payment accounts, sales taxes, vendors, and estimates. Bundles daily bookkeeping, collections, customer/product intake, invoice and estimate draft/send, estimate-to-invoice conversion, manual payment workflows, and a closed-loop invoice reminder-exception pair that sends an owner-approved Wave invoice email only when native reminders are insufficient, then watches Wave until the invoice is paid or resolved. Enroll a Wave OAuth access token or personal full-access token connection as bearer auth; no credential is embedded in the manifest. Writes are approval-gated and limited to customer create/update, product create/update, invoice create/update/clone/approve/mark-sent/send, invoice payment record/update/receipt-send, estimate create/update/clone/approve/mark-sent/mark-accepted/send/PDF/convert, and estimate deposit payment record/update/receipt-send. The pack intentionally excludes customer/product/invoice/estimate delete or archive, account/tax mutation, money transaction creation, estimate acceptance reset, webhooks, arbitrary GraphQL passthrough, OAuth app administration, and cross-host egress.

pack:wavewaveaccountinginvoicing
by Recued CoreCertified v1 13 items Pack
wc Pack

V3 deterministic text/file-count capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local wc CLI ingredient exposes bounded read-only count metadata for one trusted local path: byte count, line count, word count, character count, longest line, and combined line/word/byte counts. The operations return wc's count output only; they do not return file content, read stdin, accept file lists, recurse directories, follow shell globs, expose arbitrary wc flags, write outputs, use environment overrides, or use a shell wrapper. Editable paths reject flag-like values, URL-like references, and scp-style remotes. Requires a POSIX-compatible wc on PATH. Local and no-egress.

pack:wcwcclitext
by Recued CoreCertified v1 1 item Pack
WeasyPrint Pack

V3 deterministic HTML-to-PDF capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local WeasyPrint CLI renders one source HTML document to a PDF via the html.to_pdf catalog operation. Fixed-function and reproducible: the executor materializes the source HTML and owns the throwaway output directory, while WeasyPrint writes a fixed document.pdf result captured as result.file_ref. Write-tier but approval=never: WeasyPrint writes only to an engine-managed output dir and exposes no arbitrary flags. Use self-contained/local HTML inputs; the pack does not expose URL input or asset-fetch controls. Requires weasyprint on PATH (Debian/Ubuntu: apt install weasyprint).

pack:weasyprintweasyprintclihtml
by Recued CoreCertified v1 1 item Pack
Team Chat - Webex

API capability pack for bounded Webex Messaging v1 operations against https://webexapis.com/v1 only. Reads the current person, people lookup, rooms, messages, and room memberships, and supports approval-gated posting of one room message or threaded reply. Bundles a scheduled room activity digest, an AI-assisted message brief, and an approval-gated room update workflow. Enroll a Webex OAuth bearer connection named webex with the narrowest Messaging scopes needed for the installed operations. The pack intentionally excludes room create/update/delete, membership mutation, message edit/delete, files and attachments, webhooks and events, meetings, calling, devices, admin/compliance organization access, and arbitrary API passthrough.

pack:webexwebexchatrooms
by Recued CoreCertified v1 4 items Pack
Sites - Webflow

API capability pack for bounded Webflow Data API v2 operations against https://api.webflow.com/v2 only. Reads the authorized user, sites, domains, redirects, CMS collections and items, pages, assets, forms and submissions, comments, products, orders, and ecommerce settings for daily site and small-business operations. Approval-gates staged CMS item create/update and explicit 301 redirect create/update. Enroll a Webflow site token, workspace token, or OAuth bearer connection named webflow; no credential is embedded in the manifest. The pack intentionally excludes site publish, live CMS publish/unpublish, deletes, custom code mutation, page/component mutation, asset upload/delete, form submission mutation, order mutation, inventory mutation, webhooks, workspace administration, audit-log enterprise APIs, and arbitrary API passthrough.

pack:webflowwebflowsitescms
by Recued CoreCertified v1 1 item Pack
Weekly Owner Review

Read-only weekly review pack for one-person companies. It composes the Solo Work Queue and Recued-native discipline topics into a Monday owner review: open loops, stalled projects, projects without next actions, commitment reliability, warm notes, meeting context, and relationship context. This pack owns the review ritual, not any new execution primitive.

pack:weekly-owner-reviewsoloone-person-companycold-start
by Recued CoreCertified v1 1 item Pack
Whisper Pack

V3 deterministic audio-parse capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local whisper CLI transcribing a recorded audio file (mp3 / wav / m4a / flac / ogg — whisper auto-decodes via ffmpeg) into plain text the model can read, via the audio.transcribe catalog operation. This is the media-toolkit parse-in flagship — audio -> text mirrors docling's document -> Markdown. Fixed-function and reproducible: transcription happens locally before any model sees the content. Write-tier but approval=never: the transcript is a faithful local file write into an engine-managed throwaway temp dir, ingested into data.file.received (CAS) and surfaced as result.file_ref; the temp dir is removed after capture, so the only durable copy is the content-addressed, Gateway-gated data.file record (output_capture). A downstream ai-* step reads the transcript via { file_ref } so the content never flows through op-step values. The source can be a data.file ref (the ffmpeg media.extract_audio handoff, or a Drive/manual download) or a local path (input_materialize). Long recordings (whisper runs an ML model) can exceed the 90s foreground cap; those ride a detached execution path when it lands. Requires the openai-whisper CLI (pip:openai-whisper) and ffmpeg on PATH (whisper shells out to ffmpeg to decode); the model weights download on first run. Part of the Lane-1 media toolkit alongside ffmpeg (extract audio) and imagemagick (convert images).

pack:whisperwhisperclimedia
by Recued CoreCertified v1 1 item Pack
Knowledge - Wikipedia

No-auth API capability pack for bounded English Wikipedia lookups against https://en.wikipedia.org only. The pack exposes page search through MediaWiki Core REST and page summaries through the Wikimedia REST page-summary endpoint. No credential is embedded or required; the pack fixes the host, paths, search limit, and identifying API user agent.

pack:wikipediawikipediaknowledgesearch
by Recued CoreCertified v1 1 item Pack
WooCommerce Customer Reply Desk

Workflow pack for WooCommerce order customer replies. It composes the WooCommerce capability pack with Email / Outbox and the existing outbound response loop: read one order and customer context, draft a grounded plain-text response, send only when send_reply is explicitly enabled so the mail-send approval boundary handles the customer-facing write, then watch the customer reply and surface actionable responses for owner follow-up or conversion. WooCommerce remains read-only in this workflow; it does not edit orders, refunds, products, inventory, coupons, payment gateways, shipping settings, webhooks, WordPress admin surfaces, or arbitrary endpoints.

pack:woocommerce-customer-reply-deskwoocommercecommerceorders
by Recued CoreCertified v1 6 items Pack
Commerce - WooCommerce

API capability pack for bounded WooCommerce REST API v3 operations. The default egress base is https://example.com/wp-json/wc/v3; enroll a woocommerce connection with base_url set to the actual store endpoint, for example https://store.example.com/wp-json/wc/v3, and Basic auth using the WooCommerce consumer key as username and consumer secret as password. Reads store status, reference data, orders, notes, refunds, products, variations, categories, tags, reviews, customers, downloads, coupons, reports, payment gateways, shipping zones and methods, settings, and webhooks. Bundles a scheduled store performance digest, an AI-assisted order/customer brief, and an approval-gated coupon offer workflow. Writes are approval-gated and limited to one order/manual order, order note, product, variation, category, tag, review, customer, coupon, or webhook at a time. The pack intentionally excludes destructive deletes, batch endpoints, refund creation, payment-gateway mutation, tax/shipping mutation, system-status tools, product duplication, bulk imports, checkout/cart/session APIs, WordPress admin APIs, arbitrary API passthrough, and credential-bearing fields in operation arguments.

pack:woocommercewoocommercecommerceorders
by Recued CoreCertified v1 4 items Pack
Site CMS - WordPress

API capability pack for bounded WordPress REST API v2 operations. The default egress base is https://example.com/wp-json; enroll a wordpress connection with base_url set to the actual site REST root, for example https://site.example.com/wp-json, and Basic auth using a WordPress username plus an Application Password for authenticated reads and writes. Reads REST index metadata, site settings, posts, pages, revisions, media metadata, comments, categories, tags, users, search results, taxonomies, post types, and statuses for daily site publishing operations. Bundles a scheduled content digest, an AI-assisted post brief, and an approval-gated post-draft workflow. Writes are approval-gated and limited to creating or updating one post, page, media metadata record, comment, category, or tag at a time. The pack intentionally excludes destructive deletes, binary media uploads, plugin/theme/sidebar/widget/global-style mutation, user create/update/delete, application-password management, settings mutation, custom endpoint passthrough, unauthenticated credential arguments, arbitrary WordPress admin APIs, and plugin-specific REST namespaces.

pack:wordpresswordpresscmssite
by Recued CoreCertified v1 4 items Pack
Identity Access - WorkOS

API capability pack for bounded WorkOS REST API operations against https://api.workos.com only. Enroll a WorkOS API-key connection named workos that injects Authorization: Bearer <sk_...>; no credential is embedded in this manifest. The pack reads organizations, AuthKit users, organization memberships, invitations, SSO connections, directory sync directories/users/groups, environment roles, organization roles, and permissions for B2B SaaS access governance, customer onboarding, directory-sync review, and offboarding. It exposes WorkOS before/after list cursors as explicit query args. Writes are approval-gated and limited to creating or updating one organization, user, invitation, or organization membership, and deactivating/reactivating one membership. The pack intentionally excludes deletes, password/password-hash fields, authentication token exchange, session revocation, API key creation, audit-log ingestion/export, SSO authorize/token/profile flows, destructive role/permission deletes, feature flags, data integrations, webhooks, and arbitrary WorkOS API passthrough.

pack:workosworkosidentityaccess-governance
by Recued CoreCertified v1 7 items Pack
XLSX2CSV Pack

V3 deterministic spreadsheet-to-CSV capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local xlsx2csv CLI converts the first worksheet of one XLSX workbook to UTF-8 CSV via the spreadsheet.to_csv catalog operation. Fixed-function and reproducible: the executor materializes the source workbook and owns the throwaway output directory, while xlsx2csv writes a fixed sheet.csv result that is captured as result.file_ref. Write-tier but approval=never: xlsx2csv writes only to an engine-managed output dir, exposes no arbitrary flags, and never streams workbook bytes through op-step values. Requires xlsx2csv on PATH (Debian/Ubuntu: apt install xlsx2csv; Python environments: pip install xlsx2csv). Local and no-egress.

pack:xlsx2csvxlsx2csvclispreadsheet
by Recued CoreCertified v1 1 item Pack
XMLLint Pack

V3 deterministic XML validation and formatting capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local xmllint CLI ingredient exposes readiness, well-formedness validation, captured XML formatting, and ordered two-file XSD/RelaxNG validation operations. Fixed-function and reproducible: file inputs are materialized by the executor, formatted output is written only to an engine-managed output directory, schema validation returns only exit status, and recipes cannot pass arbitrary parser flags, DTD URLs, network fetches, shell wrappers, or caller-controlled output paths. Requires xmllint on PATH (Debian/Ubuntu: apt install libxml2-utils; macOS: xmllint ships with libxml2/system tools). Local and no-egress.

pack:xmllintxmllintxmlvalidate
by Recued CoreCertified v1 1 item Pack
Yamllint Pack

V3 deterministic YAML lint capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local yamllint CLI checks one trusted local YAML file or directory and returns parsable text diagnostics via the yaml.lint catalog operation. Fixed-function and reproducible: no arbitrary yamllint flags, no caller-supplied config path, no stdin stream, no strict-mode toggle, no shell wrapper, and no network egress. The built-in relaxed profile is pinned through argv so ambient .yamllint files, user config files, and YAMLLINT_CONFIG_FILE do not change pack behavior. Lint findings are represented as text output instead of failing the op; real invocation errors still fail. Requires yamllint on PATH. Local and no-egress.

pack:yamllintyamllintyamllint
by Recued CoreCertified v1 1 item Pack
Yarn Pack

V3 Yarn toolchain capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local yarn CLI ingredient exposes bounded project operations for readiness and package test execution. Project operations run from an explicit project directory cwd supplied at execution time, avoid caller-supplied Yarn flags, avoid shell wrappers, and keep diagnostics visible as text output. Test execution is approval-gated because package scripts execute project-defined code and Yarn lifecycle behavior. The pack exposes no caller-supplied script name, package-manager flags, workspace selectors, install/update/audit command, registry, env override, stdin, or arbitrary command execution. Requires yarn on PATH.

pack:yarnyarnjavascriptnodejs
by Recued CoreCertified v1 1 item Pack
Video - YouTube

API capability pack for bounded YouTube Data API v3 calls against https://youtube.googleapis.com only. Reads channel, video, search, playlist, playlist-item, comment, caption, subscription, category, region, and language metadata for daily creator and small-business content workflows. Approval-gates playlist creation/update/deletion, adding/reordering/removing one playlist item, posting one top-level comment or reply, moderating one comment, and deleting one comment. It also bundles a scheduled channel content digest, an AI-assisted video and comment review brief, and approval-gated playlist creation workflow. The bundled recipes only use playlist.create and playlist_item.add as writes. Enroll a Google OAuth bearer connection named google with the narrowest YouTube Data API scopes required for the installed operations; no credential is embedded in the manifest. The pack intentionally excludes video upload/update/delete/rating/reporting, thumbnail and caption media upload/download, live broadcast/live chat controls, channel branding/sections/watermarks, subscription writes, partner/content-owner administration, arbitrary part passthrough for audit details, arbitrary Google APIs, and arbitrary YouTube API passthrough.

pack:youtubeyoutubevideocreator
by Recued CoreCertified v1 4 items Pack
yt-dlp Pack

V3 deterministic media-download capability pack. By-value cli composition (service_kind=cli, no separate service ingredient): one local yt-dlp CLI ingredient exposes readiness, URL metadata JSON, available format listing, and detached media download. Metadata and format inspection are read-tier but approval=ask because yt-dlp contacts the remote URL; they do not download media or write output files. The media.download operation is launched as a Recued-managed DETACHED one-shot job (NOT a supervised daemon): a download realistically runs for many minutes past the foreground execution cap, so the launcher detaches the child, redirects output to {result_dir}/{key}.log, and writes {result_dir}/{key}.pid + the {result_dir}/{key}.exit.<code> completion marker. The downloaded media lands at {result_dir}/{key}.<ext> and a downstream D-179 sweeper recipe reconciles marker/log evidence; the log carries the exact `[download] Destination:` path. All URL operations ignore user config files, browser cookies, cookie files, and persistent cache by default so pack behavior is bounded and does not silently inherit local account state. Requires the yt-dlp binary on PATH (pip install --user yt-dlp). Replaces the retired yt-dlp-{linux,macos,win} service templates.

pack:yt-dlpyt-dlpclimedia
by Recued CoreCertified v1 1 item Pack
Zapier Pack

API capability pack for the bounded Zapier Workflow API at https://api.zapier.com. Enroll a zapier API connection as an OAuth bearer token for user-scoped operations, or pass query.client_id for client-id endpoints where Zapier allows it. The pack reads profile, apps, categories, templates, Zaps, Zap runs, actions, dynamic fields, choices, output fields, authentications, action-run results, and Zap guesses; it creates Zaps, app authentications, action runs, and action tests with approval. It intentionally excludes the browser OAuth authorize redirect, White Label external JWT flows, hosted Zapier MCP server control, Zapier Tables/Interfaces private product APIs, arbitrary API-by-Zapier passthrough, and unbounded webhooks.

pack:zapierzapierautomationworkflow
by Recued CoreCertified v1 1 item Pack
ZBar Image Scanner Pack

V3 deterministic barcode/QR image scan capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local zbarimg CLI reads one trusted local image path and returns decoded barcode payload text via the image.scan_barcode catalog operation. This is the read-side complement to the existing qrencode pack. The operation is path-based because decoded payloads are stdout value output; it does not combine file_ref materialization with value capture. Requires zbarimg on PATH (Debian/Ubuntu: apt install zbar-tools). Local and no-egress.

pack:zbarimgzbarimgzbarcli
by Recued CoreCertified v1 1 item Pack
Zendesk Ticket Reply Closure Loop

Workflow pack for Recued-sent Zendesk public replies. It composes the Zendesk capability pack with a closure ledger: send one public ticket reply through the existing Zendesk approval gate, persist only the connection/ticket reply-watch linkage in data.shared, and let a scheduled watcher re-read that exact ticket until Zendesk reports solved/closed or an owner-actionable status such as new/open. This pack does not replace Zendesk triggers, automations, views, macros, SLA policy, or helpdesk queue rules; it adds Recued-visible closure state for tickets Recued replied to.

pack:zendesk-ticket-reply-closurezendesksupportticket
by Recued CoreCertified v1 3 items Pack
Support - Zendesk

API capability pack for bounded Zendesk Support and Help Center operations. Enroll a zendesk API connection with base_url set to the tenant API root, for example https://example.zendesk.com/api/v2; the manifest default uses that documented example host but dispatch uses the enrolled connection's base_url. The pack reads the current user, users, groups, brands, tickets, ticket comments, ticket audits/metrics, ticket fields/forms, organizations, views, macros, satisfaction ratings, and Help Center categories/sections/articles/comments; it creates and updates tickets with approval. Bundles a scheduled view ticket digest, an AI-assisted ticket review brief, and an approval-gated ticket reply workflow. Deletes, bulk updates, attachments, comment redaction, macro execution/application, triggers, automations, SLA/admin settings, permission changes, and arbitrary Zendesk endpoints are intentionally not exposed. Enroll a Zendesk OAuth access token or API-token-backed bearer connection; no credential is embedded in the manifest. Ticket writes are approval-gated.

pack:zendeskzendesksupporttickets
by Recued CoreCertified v1 4 items Pack
ZIP Pack

V3 deterministic ZIP archive capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local zip CLI ingredient exposes readiness, compressed single-file archive creation, store-only single-file archive creation, and ZIP integrity testing. Fixed-function and reproducible: the executor materializes source files and owns the throwaway output directory, while zip writes fixed archive results captured as result.file_ref. Write-tier operations write only to an engine-managed output dir, read-tier testing returns only exit status, and recipes cannot pass arbitrary flags, recurse into directories, encrypt archives, read file lists from stdin, move/delete source files, add comments, or choose output paths. Requires the zip binary on PATH (Debian/Ubuntu: apt install zip; macOS: zip is commonly installed with the system tools). Local and no-egress.

pack:zipzipcliarchive
by Recued CoreCertified v1 1 item Pack
CRM - Zoho CRM Back Office

API capability pack for bounded Zoho CRM back-office operations. Uses the shared Zoho CRM OAuth connection and fixed Zoho CRM API V8 endpoints. Covers organization/user/module/field lookup, contact/account lookup, products, price books, quotes, sales orders, invoices, purchase orders, vendors, and notes. Writes are approval-gated and limited to one product, price book, quote, sales order, invoice, purchase order, vendor, or note operation at a time. Excludes lead/deal pipeline mutation, service appointment booking, quote/order/invoice/purchase-order line-item recipes, payment/refund/receiving/bill recording, deletes, bulk APIs, COQL/query APIs, admin mutation, arbitrary module passthrough, attachments, files, functions, webhooks, and credential-bearing operation arguments.

pack:zoho-crm-backofficezohozoho-crmcrm
by Recued CoreCertified v1 8 items Pack
CRM - Zoho CRM Work

API capability pack for bounded Zoho CRM work and service operations. Uses the shared Zoho CRM OAuth connection and fixed Zoho CRM API V8 endpoints. Covers organization/user lookup, cases, solutions, tasks, calls, events/meetings, services, appointments, and customer lookup. Writes are approval-gated and limited to one case, solution, task, call, event, service, appointment, or note operation at a time. Excludes sales pipeline mutation, back-office inventory documents, service creation, service member/pricing/tax recipes, appointment deletes, appointment preference mutation, appointment rescheduled-history direct writes, bulk APIs, COQL/query APIs, admin mutation, arbitrary module passthrough, attachments, files, functions, webhooks, and credential-bearing operation arguments.

pack:zoho-crm-workzohozoho-crmcrm
by Recued CoreCertified v1 7 items Pack
Meetings - Zoom

API capability pack for bounded Zoom Meetings operations against https://api.zoom.us/v2 only. Reads users, user settings, scheduled meetings, invitations, registrants, polls, past-meeting participants, Q&A, poll results, recordings, recording files, recording analytics, and recording registrants for daily meeting operations that go beyond the generic calendar surface. Approval-gates creating/updating/canceling meetings and adding or approving/denying registrants. It also bundles a scheduled upcoming-meetings digest, an AI-assisted meeting and recording review brief, and approval-gated meeting creation workflow. The bundled recipes only use meeting.create as a write. Enroll a Zoom OAuth or server-to-server OAuth bearer connection named zoom; no credential is embedded in the manifest. Zoom Calendar, Chat, Phone, Rooms, webhooks, user administration, settings mutation, poll mutation, recording deletion, recording download passthrough, livestream controls, in-meeting controls, and arbitrary API passthrough are intentionally not exposed.

pack:zoomzoommeetingsvideo
by Recued CoreCertified v1 4 items Pack
Zstandard Pack

V3 deterministic Zstandard compression capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local zstd CLI ingredient exposes readiness, default compression, fast compression, decompression, and compressed-stream integrity testing. Fixed-function and reproducible: the executor materializes source files and owns the throwaway output directory, while zstd writes fixed output files that are captured as result.file_ref. Write-tier operations write only to an engine-managed output dir, read-tier testing returns only exit status, and recipes cannot pass arbitrary flags, dictionaries, recursive inputs, file lists, source-removal flags, shell wrappers, or caller-controlled output paths. Requires the zstd binary on PATH (Debian/Ubuntu: apt install zstd; macOS: brew install zstd). Local and no-egress.

pack:zstdzstdclicompression
by Recued CoreCertified v1 1 item Pack
Subscription Revenue - Zuora

API capability pack for bounded Zuora Billing v1 revenue operations. Enroll a Zuora OAuth2 bearer connection named zuora with base_url set to the tenant REST endpoint, for example https://rest.zuora.com, https://rest.na.zuora.com, or a documented sandbox endpoint. The pack reads accounts, account summaries, account subscriptions, subscriptions, invoices, product catalog, orders, product charge definitions, and bill runs through documented Zuora REST endpoints. Bundled recipes provide a scheduled revenue operations digest, an account revenue brief, a catalog readiness brief, and guarded account intake. Writes are approval-gated and limited to creating one account without payment methods or subscriptions. Subscription/order/invoice mutation, payment-method creation or authorization, bill-run creation/post/cancel/delete, invoice post/reverse/write-off/collection/delete, order activation/cancel/delete, OAuth token exchange, object CRUD, exports, files, webhooks, custom object mutation, and arbitrary Zuora API passthrough are intentionally not exposed. No credential is embedded in the manifest.

pack:zuorazuorabillingsubscriptions
by Recued CoreCertified v1 5 items Pack