Skip to main content
Vendo sync extracts OpenAPI operations, tRPC procedures, and host routes into .vendo/tools.json. Extraction runs during build and development so the tool surface does not drift. Extractors run in a fixed order: OpenAPI first, then tRPC, then the route scan. Each extractor decides whether it applies to your app; the ones that do not detect anything are skipped. When the tRPC extractor emits tools for a mount, the opaque /api/trpc/[trpc] catch-all from the route scan is dropped so you do not see duplicate coverage of the same surface.
Tool names use letters, numbers, _, and -, with a maximum of 64 characters. Use _ for namespaces. Each descriptor includes JSON Schema input and a read, write, or destructive risk label. Route scans fail closed. The extractor emits any route it cannot classify as disabled, with a note.

tRPC procedures

If your app mounts a tRPC router, sync extracts each procedure as its own tool. The extractor statically parses your router — no server runs — and follows router({...}), createTRPCRouter, and mergeRouters across nested and cross-file routers. Both app router and pages router mounts are supported, and each mount is detected independently.
Each tRPC tool name uses the procedure’s dot path with _ as the namespace separator. The binding records the procedure, its query or mutation type, the mount path, and the transformer when one is in use. At runtime Vendo speaks the tRPC HTTP envelope. Queries use GET {mount}/{procedure}?input= and mutations POST with a JSON body. When the router uses superjson, Vendo wraps and unwraps the payload automatically. Auth is unchanged from route tools. Present calls forward the inbound cookie and authorization headers on same-origin fetches, and away calls still require the host’s actAs seam plus an app-bound grant. Risk labels follow the procedure type. Queries are read only when the procedure name reads like a fetch; anything else falls back to the conservative default. Mutations default to write, and the destructive word list can lift them to destructive — the same rules that apply to route tools. Subscriptions and any procedure the extractor cannot classify are emitted as disabled with a note so you can promote them explicitly through overrides. Zod input schemas are interpreted into JSON Schema for common patterns (objects, primitives, unions, enums, optionals). If the extractor cannot recognize a validator, it fails closed to a permissive schema and adds a note so the tool still surfaces without blocking your build. The extractor loads the TypeScript compiler from your app’s own node_modules. If TypeScript is not available, tRPC extraction is skipped with a warning and no tRPC tools are emitted — extraction never fails your build.

Durable overrides

Sync never edits overrides. Overrides win field by field, then Vendo computes the descriptor hash. A risk change intentionally lapses old grants: the next call parks a fresh approval that names the invalidated grant and audits one grant-invalidated policy decision. See Tools and safety for the surfaced notice and event shape. Overrides also apply to compound tools declared in .vendo/capabilities.json. A compound entry inside tools.json is rejected — compounds live in the capabilities file. Present route calls forward the inbound request’s cookie and authorization headers on a same-origin fetch. Away calls require both an app-bound grant and the host’s actAs seam. See actAs presets for provider-specific wiring.