ARSENAL
CLI
`map invoke ARSENAL` recipes for every operation.
The CLI is a Rust binary at services/map-cli. After map login you can dispatch any operation on ARSENAL from the shell.
Common flags
| Flag | Effect |
|---|---|
--input <json> | Operation payload (or read from stdin) |
--version v1.0.0 | Pin a specific protocol version |
--idempotency-key <k> | Required for safe retries of state-changing ops |
--audit-tail | Print the audit record(s) produced |
--output human | Pretty-print response (default: json) |
Recipes
issue
map invoke ARSENAL issue --input '{"example":true}'Issue an ACT bound to caller, capability, and credential reference.
Capability: map.arsenal.issue
proxy
map invoke ARSENAL proxy --input '{"example":true}'Proxy an outbound HTTP call, substituting credentials at the wire under SSRF guards.
Capability: map.arsenal.proxy
consent
map invoke ARSENAL consent --input '{"example":true}'Request HITL consent for a new credential surface or sensitive invocation.
Capability: map.arsenal.consent
See CLI reference for global flags, login, MCP integration.