Philidor Docs
Guides

Agent Integration

Wire Philidor risk checks into your AI agent workflow — pre-trade screening, portfolio monitoring, and automated alerts.

AI agents making DeFi decisions should check risk before executing. Philidor provides the data layer for risk-aware autonomous agents.

Architecture

User Request → AI Agent → Philidor MCP/API → Risk Data → Decision

The agent receives a request (e.g., "deposit USDC into highest-yield vault"), queries Philidor for risk scores, and makes an informed decision rather than optimizing purely for yield.

MCP Integration (Preferred)

The fastest path is connecting your agent to the MCP server:

claude mcp add philidor --transport http https://mcp.philidor.io/api/mcp

The agent automatically gets access to 10 tools, 3 resources, and 3 prompts.

Example Agent Workflow

  1. User: "Find USDC vaults ranked by net APY"
  2. Agent calls search_vaults with asset=USDC, sortBy=apr_net, sortOrder=desc
  3. Agent calls get_vault_risk_breakdown for the top-ranked result
  4. Agent checks if risk tier is acceptable (Prime or Core)
  5. Agent surfaces the vault with its risk context

REST API Integration

For agents that don't support MCP, use the REST API directly:

async function checkVaultRisk(network: string, address: string) {
  const res = await fetch(`https://api.philidor.io/v1/vault/${network}/${address}`);
  const { data } = await res.json();
  const vault = data.vault;

  return {
    score: vault.total_score,
    tier: vault.risk_tier,
    isAudited: vault.is_audited,
    // deposit_status is the canonical tri-state signal — read this, not the
    // boolean. 'open' = confirmed accepting deposits, 'closed' = maxDeposit
    // is zero on chain, 'unknown' = not yet probed (typically non-ERC4626).
    depositStatus: vault.deposit_status as 'open' | 'closed' | 'unknown',
    capacityUsd: vault.deposit_capacity_usd, // null when uncapped/unknown
    isSafe: vault.total_score >= 8.0 && vault.is_audited && vault.deposit_status !== 'closed',
  };
}

// Agent decision logic
const risk = await checkVaultRisk('ethereum', '0x8eB67...');
if (risk.depositStatus === 'closed') {
  return 'This vault is currently rejecting new deposits on-chain (caps reached, paused, or queue saturated). Pick a different vault.';
}
if (risk.depositStatus === 'unknown') {
  // Optional: do a pre-flight maxDeposit call from the user's wallet here
  // before composing the deposit tx, to avoid the rare revert path.
}
if (!risk.isSafe) {
  return "This vault doesn't meet the minimum safety threshold (Prime tier, audited).";
}

Pre-trade screening at the list level

When routing capital across many vaults — picking the best USDC vault, for example — exclude confirmed-closed vaults at the server with ?depositable=true, then apply your strictness policy on the response:

const res = await fetch(
  'https://api.philidor.io/v1/vaults?asset=USDC&depositable=true&sortBy=apr_net&sortOrder=desc&limit=20'
);
const { data: candidates } = await res.json();

// Server-side `depositable=true` drops `closed` but keeps `unknown`. Conservative
// routers should additionally require deposit_status === 'open' here.
const safe = candidates.filter((v) => v.deposit_status === 'open');

// Size each candidate against its remaining cap (when known).
for (const v of safe) {
  const headroom = v.deposit_capacity_usd; // number | null
  const sizeable = headroom == null || headroom >= myDepositSize;
  if (!sizeable) continue;
  // ...
}

This is the single most common foot-gun for yield-seeking agents: a vault can show 20%+ APY but have maxDeposit == 0 at the contract level — the yield is residual interest on the existing position and new principal cannot enter.

Risk Guardrails

Agents should enforce risk guardrails before executing DeFi operations:

GuardrailCheckThreshold
Accepts depositsdeposit_statusMust be "open" (strict) or not "closed"
Withdrawals workwithdraw_statusMust be "open" for symmetric round-trip routing
Data is freshfreshness_seconds< 3600 (or your tolerance) — never route on stale state
Minimum risk tierrisk_tierPrime or Core
Audit requirementis_auditedMust be true
Minimum TVLtvl_usd> $1M
Capacity availabledeposit_capacity_usdNull or ≥ planned size
Oracle qualityAsset vector score>= 7
No recent incidentsCheck events endpointNo incidents in 90 days
No recent state flapping/v1/events?eventType=DepositabilityChange&vault_id=…Sanity-check the last 24h before routing large size

Portfolio-Level Checks

Before adding a new position, check portfolio concentration:

const positions = await fetch(`https://api.philidor.io/v1/address/${wallet}/positions`);
const { data } = await positions.json();

// Check if adding this vault would exceed protocol concentration
const protocolExposure = data.positions
  .filter((p) => p.protocol_name === newVault.protocol_name)
  .reduce((sum, p) => sum + parseFloat(p.balance_usd), 0);

const totalValue = parseFloat(data.summary.total_value_usd) + depositAmount;
const concentration = (protocolExposure + depositAmount) / totalValue;

if (concentration > 0.5) {
  return 'Adding this position would exceed 50% concentration in one protocol.';
}

Future: Agent-First DeFi

Philidor's roadmap prioritizes agent-first infrastructure:

  • Structured risk data optimized for LLM consumption
  • Real-time webhook notifications for risk tier changes
  • Portfolio simulation endpoints (proposed allocation → projected risk)
  • Agent authentication for personalized risk policies

Building with the API

TypeScript and Python code examples — fetch vaults, filter by risk tier, and build dashboards with the Philidor API.

Supported Chains

6 chains — Ethereum, Base, Arbitrum, Polygon, Optimism, Gnosis — with chain IDs and finality confirmation depths.

On this page

ArchitectureMCP Integration (Preferred)Example Agent WorkflowREST API IntegrationPre-trade screening at the list levelRisk GuardrailsPortfolio-Level ChecksFuture: Agent-First DeFi
Raw