Starcat Operating Your Apps
When you chat with Starcat at the organization level — including the chat sidebar next to an app you’ve opened — it can operate your apps directly:- Call an app’s API — “Get the latest orders from the POS app”
- Discover endpoints — “What can I call on the invoicing app?”
- List apps — “Which apps in our org can the agent operate?”
Environment
When you’re viewing an app in the app shell, the agent operates the app in the environment you’re looking at — if you’re viewing production, it calls production; if you’re viewing a preview, it calls the preview. When the agent isn’t tied to an app you’re viewing, it defaults to production. You can override this by asking — “try this against the sandbox” — but you normally don’t need to think about it.The Developer Agent Inside a Project
When you chat with the agent inside a specific project, it can call other apps too — for example to test an integration you’re building:- Call another app’s API — “Call the inventory app’s
/api/productsendpoint” - Choose the environment — “Call the CRM app’s sandbox to test the new endpoint”
Allowing Starcat to Operate an App
By default, Starcat cannot operate an app. Open the app’s Settings → Cross-App tab and turn on Allow agent access. Once it’s on, choose which of the app’s environments the agent may call:| Environment | When to allow |
|---|---|
| Production | The agent can operate the live app |
| Preview | The agent can operate branch-preview deployments |
| Sandbox | The agent can operate the dev sandbox |
Allow agent access (Starcat calling into this app) is separate from Developer-agent callable environments (the in-project agent calling out from this project). One controls what Starcat may operate; the other controls where a project’s own agent may originate calls.
Endpoint Discovery
Before making a call, the agent can discover what endpoints a target app exposes — useful when you don’t remember the exact path or want to see what an endpoint expects. Ask the agent things like:- “What endpoints does the project-management app have?”
- “Show me the API routes on the invoicing app”
- “What does the
/api/tasksendpoint expect as input?”
What Still Applies
Agent calls go through the same checks as SDK calls — the agent can’t bypass them:- The endpoint must be published (or the app must have Allow all endpoints on)
- Built-in rate limits apply
- For Starcat, the target app must have Allow agent access on for the requested environment
- For the developer agent, the calling project needs a grant or allow-all access to the target
Examples
Operate an app you’re viewing:“Mark order #1043 as refunded.” (said to the Starcat sidebar while viewing the orders app)Move data across apps:
“Get all customers from the CRM app and create corresponding contacts in the support app.”Build and test an integration (from a project chat):
“Call the payments app’s /api/webhooks/test endpoint from this project’s sandbox and show me the response.”
Discover and explore:
“List the apps the agent can operate, then show me what endpoints the top-selling app has.”