Integration Steps

For common fields, string substitutions, metadata filters, caching, and execution order, see the Agent Steps Overview.

Webhook Call Step

Makes an HTTP request to an external URL. Use this to integrate with external APIs, trigger workflows in other systems, post to messaging platforms, or send data to any HTTP endpoint.

Fields

Field	Type	Required	Default	Description
`url`	string	Yes	—	The endpoint URL (must start with `http://` or `https://`). Supports substitutions.
`method`	enum	No	`POST`	HTTP method: `POST` or `PUT`
`content_type`	enum	No	`application/json`	Request body content type: `application/json`, `text/plain`, `text/html`, `application/xml`
`headers`	object	No	`null`	Custom HTTP headers as key-value pairs. Header values support substitutions.
`payload`	string	No	`null`	The request body. If null, the step's input is sent as the body. Supports substitutions.

Prompt-injection scanning: Webhook response bodies are automatically scanned for prompt injection attacks by the Prompt Scanner. If the response is flagged as unsafe, downstream steps that would consume the tainted data are blocked. The scan result appears as an Output Scan pseudo-step in the agent trace.

Use Case Examples

Post to Slack:

URL: https://hooks.slack.com/services/YOUR/WEBHOOK/URL
Method: POST
Content-Type: application/json
Payload:
{
  "text": "Agent {{agent.name}} completed: {{step.summary.output}}"
}

Figure 1.Post to Slack — the agent generates a summary, formats a Slack JSON payload, and posts it via webhook.

Send to a custom API:

URL: https://api.example.com/ingest
Method: POST
Content-Type: application/json
Headers:
  Authorization: Bearer {{metadata.api_token}}
  X-Source: seclai-agent
Payload:
{
  "agent_id": "{{agent.id}}",
  "run_id": "{{agent.run_id}}",
  "result": {{step.extract_content.output}},
  "processed_at": "{{datetime UTC}}"
}

Trigger an external workflow:

URL: https://automation.example.com/webhooks/{{metadata.workflow_id}}
Method: POST
Content-Type: application/json
Payload:
{
  "event": "content_processed",
  "data": "{{step.final.output}}"
}

Figure 2.Trigger external workflow — the agent analyzes content and triggers an external automation system via webhook.

Figure 3.Webhook Notify — after processing, the agent sends results to an external system via webhook.

Web Fetch Step

Fetches a single web page and returns its content. Use this to bring external page content into an agent run when the URL is known up front.

Fields

Field	Type	Required	Default	Description
`url`	string	Yes	—	The URL of the page to fetch. Must start with `http://` or `https://`. Supports substitutions.
`format`	enum	No	`markdown`	Output format: `markdown` (best for LLM consumption), `rawHtml` (original HTML), or `text` (plain text).

Caching: Results are cached for 5 minutes per URL + format — repeated fetches of the same URL with the same format within this window return instantly without an external request, but each step run is still billed at the standard web_fetch rate.

Prompt-injection scanning: Fetched content is automatically scanned for prompt injection attacks by the Prompt Scanner. If the content is flagged as unsafe, downstream steps that would consume the tainted data are blocked. The scan result appears as an Output Scan pseudo-step in the agent trace.

Governance: The resolved URL is screened against step-input governance policies before the fetch executes — blocking policies can prevent the request entirely. The fetched content itself is not governance-screened at this step, but when it flows into a terminal step (display_result, send_email, etc.) output governance policies evaluate it there. Additionally, the downstream prompt_call input scan provides injection-detection enforcement at the LLM boundary.

Step vs. tool: Use this step when the URL is known and you want predictable, auditable fetch behavior. For autonomous, model-driven page fetching, use the seclai_web_tools tool inside a Prompt Call step instead.

Use Case Examples

Fetch a known article and summarize it:

Web Fetch:
  url: {{metadata.article_url}}
  format: markdown
  → Prompt Call: Summarize the following article in 3 bullet points.
    {{input}}
    → Streaming Result

Search → fetch top result → derive insight:

Web Search:
  query: {{agent.input}}
  limit: 5
  → Extract Content (json_path: "$[0].url")
    → Web Fetch:
        url: {{input}}
        format: markdown
        → Insight: What are the three most important takeaways?
          → Display Result

Figure 4.Search → Extract → Fetch → Insight — the agent searches the web, extracts the top URL, fetches the page, and derives key takeaways.

Figure 5.Web Fetch + Summarize — the agent fetches a URL, summarizes the page content, and streams the result.

Web Search Step

Searches the web for a query and returns matching pages with titles, descriptions, and short content snippets. Use this to discover relevant pages for a topic before deciding whether to fetch any of them in full.

Fields

Field	Type	Required	Default	Description
`query`	string	Yes	—	The search query. Supports substitutions.
`limit`	integer	No	`5`	Maximum number of search results to return (1–20).

Output shape: A JSON array of result objects, each with url, title, description, and content fields. Content snippets are truncated to ~1000 characters.

Prompt-injection scanning: Search results are automatically scanned for prompt injection attacks by the Prompt Scanner. If the content is flagged as unsafe, downstream steps that would consume the tainted data are blocked. The scan result appears as an Output Scan pseudo-step in the agent trace.

Step vs. tool: Use this step when you want a predictable, deterministic search with a fixed query template and downstream processing. For autonomous, model-driven web research, use the seclai_web_tools tool inside a Prompt Call step instead.

Use Case Examples

Search and synthesize from snippets only (no fetch):

Web Search:
  query: latest developments in {{agent.input}}
  limit: 8
  → Prompt Call: Summarize what these snippets say about {{agent.input}}.
    {{input}}
    → Streaming Result

Search → fetch first result → publish:

Web Search:
  query: "{{metadata.topic}} site:example.com"
  limit: 3
  → Extract Content (json_path: "$[0].url")
    → Web Fetch:
        url: {{input}}
        format: markdown
        → Publish Content

Figure 6.Search → Fetch → Publish — the agent searches for a topic on a specific site, fetches the top result, and publishes it to a content store.

Figure 7.Web research pipeline: search the web, extract the top URL, fetch the page, analyze it with Insight, and display the result.

Write AWS S3 Object Step

Saves content to an AWS S3 bucket. Use this to archive agent results, store generated reports, export data, or create file backups.

Fields

Field	Type	Required	Default	Description
`bucket_name`	string	Yes	—	The S3 bucket name. Supports substitutions.
`object_key`	string	Yes	—	The S3 object key (file path). Supports substitutions.
`content_type`	enum	No	`text/plain`	Content type for the stored object: `text/plain`, `text/html`, `application/json`, `application/xml`
`content`	string	No	`null`	The content to write. If null, the step's input is used. Supports substitutions.

Use Case Examples

Store a daily report:

Bucket: my-reports-bucket
Key: reports/{{date UTC}}/daily-summary.html
Content Type: text/html
Content: (uses step input — the HTML report from previous step)

Figure 8.Daily S3 report — the agent generates analysis, formats it as JSON, and writes it to a date-partitioned S3 path.

Archive agent results as JSON:

Bucket: agent-results
Key: agents/{{agent.id}}/runs/{{agent.run_id}}/output.json
Content Type: application/json
Content: {{step.extract_content.output}}

Organize by metadata:

Bucket: content-exports
Key: {{metadata.category}}/{{metadata.article_id}}/analysis.json
Content Type: application/json

Figure 9.Metadata-organized S3 — the agent classifies content by category, then writes it to S3 using metadata-derived paths.

Figure 10.Write S3 Archive — the agent processes content and archives the result to S3 for long-term storage.

Send Email Step

Sends an email notification. Use this to deliver reports, send alerts, or notify team members about agent results.

Fields

Field	Type	Required	Default	Description
`recipient_user_id`	string	No	Account owner / workspace default recipient	Optional user ID to send the email to. If omitted, delivery uses the workspace default recipient (account owner for personal accounts). If provided for org accounts, it must be a valid member UUID.
`subject`	string	Yes	—	The email subject line. Supports substitutions.
`html_body`	string	No	`null`	The HTML email body. Supports substitutions.
`text_body`	string	No	`null`	The plain text email body (fallback for email clients that don't support HTML). Supports substitutions.

Use Case Examples

Daily report delivery:

Subject: Daily Summary — {{date America/New_York}}
HTML Body:
<h1>Daily Summary</h1>
{{step.report.output}}
<p>Generated by {{agent.name}} at {{time America/New_York}}</p>

Alert notification:

Subject: Alert: {{metadata.alert_type}} detected
HTML Body:
<h2>Alert Details</h2>
<p><strong>Type:</strong> {{metadata.alert_type}}</p>
<p><strong>Source:</strong> {{metadata.source_url}}</p>
<p><strong>Details:</strong></p>
{{step.analysis.output}}
Text Body:
Alert: {{metadata.alert_type}} detected
Source: {{metadata.source_url}}
Details: {{step.analysis.output}}

Figure 11.Alert email — the agent detects an anomaly and sends an alert notification via email.

Figure 12.Send Email Report — the agent generates a report and delivers it via email notification.

Call Agent Step

Calls another agent as a sub-agent, running it synchronously and using its output as this step's output. Use this to compose complex workflows from smaller, reusable agents.

Fields

Field	Type	Required	Default	Description
`agent_id`	string	Yes	—	The ID of the agent to call.
`pass_input`	boolean	No	`true`	When enabled, forwards this step's input as the called agent's input.
`pass_metadata`	boolean	No	`true`	When enabled, forwards the parent agent run's metadata to the called agent.
`content_version_id`	string	No	`null`	An optional content version ID to pass to the called agent for content-based triggers.

Use Case Examples

Chain agents for multi-stage processing:

A summarization agent calls an analysis agent first, then processes its output:

Step 1: Call Agent (agent_id: "analysis-agent", pass_input: true, pass_metadata: true)
Step 2: Prompt Call — Summarize the analysis output

Figure 13.Agent chaining — the outer agent calls a specialized agent for analysis, then summarizes the result.

Fan-out to specialized agents:

Use parallel branches with call_agent steps to run multiple agents on the same input simultaneously:

Branch 1: Call Agent → "sentiment-agent"
Branch 2: Call Agent → "keyword-agent"
Combinator: Merge results from both agents

Figure 14.Multi-agent fan-out: parallel call_agent steps invoke specialized agents, then a combinator merges their results.

Important Considerations

Recursion protection: A maximum call depth is enforced to prevent infinite loops. If an agent calls itself (directly or indirectly), the run will fail once the depth limit is reached.
Synchronous execution: The called agent runs to completion before the parent continues. Long-running sub-agents will increase the overall run time.
Credit usage: Each sub-agent run consumes credits independently based on its own steps.

← Back to Agent Steps Overview