Skip to content
Agent-native

Docs your agents can execute.

Every hub Atloria publishes is a hosted MCP server. Agents search it, read it — and call your API through it, with credentials injected server-side that the agent never sees. Read-only by default. Writes are opt-in.

The MCP endpoint below is our own docs. It’s live — point a client at it right now.

agent · call_operation · live
# the agent reads the API, then acts
 call_operation { method: "GET", path: "/public/projects" }
← 200 OK  auth injected server-side · returned real data

 call_operation { method: "POST", path: "/projects" }
← 403  "Writes are disabled for this API target."

 asks for the API key…
← never returned. not in the tool, the transcript, or the response.

Read — table stakes, done properly

Every published hub serves llms.txt, llms-full.txt, per-page .md twins, a search index, and a hosted MCP server with six tools:

search_docs

full-text search across every generated page

read_page

return any page as clean markdown

list_pages

walk the documentation tree

get_entity

a code entity with relationships + source location

search_entities

query the parsed code graph by name or type

list_endpoints

enumerate the documented API operations

Act — call_operation

One bounded execution tool. The agent finds an operation with list_endpoints, then drives your real API through the docs.

Your API reference stops being context and becomes a set of tool definitions. Nobody else in the docs category ships this as a hosted, credential-safe capability.

Auth that never leaks

Most MCP setups bury the same step in the tutorial: “paste your API key into the agent’s config file.” That file is plaintext, long-lived, and readable by every tool the agent loads. We don’t do that.

The usual way

  • Key pasted into the agent’s config file — in plaintext.
  • Long-lived; you rotate it by hand, if you remember.
  • Every tool the agent loads can read it.

Atloria

  • Configured once, by the owner, on our server.
  • Injected at execution time — never in the tool, transcript, or response.
  • Read-only by default; writes opt-in; every call SSRF-guarded.

We tested this end-to-end rather than asserting it — the transcript in the hero is a real run against the MCP endpoint published below.

See who’s reading

Atloria classifies the AI crawlers and agents that fetch your docs and attributes their reads — so you can measure agent traffic, not guess at it.

GPTBotClaudeBotPerplexityBotAmazonbotApplebotDiffbot

Scope, honestly stated: read-analytics and crawler attribution today. Per-call execution logs are on the roadmap — Theneo’s Elva is ahead of us on that specific dashboard, and we say so below.

How this compares

verified 2026-07-11 · facts from competitors’ live docs
MCP capabilityAtloriaReadMeFernGitBookTheneo
Read docs over MCPYes — 6 toolsYesYesYesYes
Execute API operationsYes — call_operationYes (execute mode)No — query docs onlyNoYes (hosted)
Where the credential livesServer-side, injected per call — never surfacedEnd-dev pastes a token into the agent configBuilt-in on their platform
WritesOpt-in per project · 403 by defaultProxied with the user's tokenPlatform-managed
Per-call observabilityReads + crawler attribution (per-call logs: roadmap)Usage trackingPer-call dashboard — ahead of us

Connect your client

This is our own documentation, served as an MCP endpoint. Copy the snippet for your client and connect — it works right now.

Run in your terminal.

claude mcp add --transport http atloria-docs https://atloria.dev/p/atloria-self-dogfood-BDFvUbEgc3/mcp

Tools: search_docs, read_page, list_pages, get_entity, search_entities, list_endpoints.

Questions

Is it safe to let an agent call my API?
By default the agent can only read: every request is gated read-only and writes return a 403 until you explicitly opt in per project. Outbound calls pass an SSRF-guarded executor (its own test suite) that blocks private/loopback hosts, and you configure an allow-list of what the agent may touch.
Does the agent ever see my API key?
No. You configure the credential once, as the owner. Atloria injects it on our server at execution time. It never appears in the tool definition the agent loads, the conversation transcript, or the response body — we verified that end-to-end (above).
What APIs work?
Any HTTP API your docs describe. call_operation reads method + path from your generated OpenAPI, so the agent drives exactly the operations your reference documents — nothing more.
How do writes get enabled?
A per-project toggle by an owner. Until then, any non-GET operation returns a 403-shaped result the agent can reason about, so a misfire is a polite refusal, not a side effect.

Give your agents docs they can act on.

Point Atloria at a repo and get a hosted, agent-executable docs hub in about a minute.

Agent Actions — docs your agents can execute — Atloria