# Quickstart

> Same index, ranking, safety, and verification through MCP, REST, and CLI.

| Endpoint | Job | Returns | Cost |
|---|---|---|---|
| `POST /discover` | Find candidate skills | Ranked candidates with compact provenance, structured install, and a nested safety summary | 50 discovery workflows per day per IP free; then x402 |
| `POST /inspect` | Decide whether to install one skill | Full content, source provenance, manifest, install options, canonical safety, and a pin block | Free with a valid `query_id`; otherwise same paid workflow bucket |
| `GET /verify` | Re-check a skill you already hold | Verdict and provenance for a source URL or content hash | Free, cacheable, no account |
| `GET /health` | Check liveness and index freshness | Version, uptime, freshness, descriptor links | Free |

Search is how you find a skill. Verification is how you keep trusting it. Pin what you install from `/inspect.pin`, then call `/verify` on load or in CI. If upstream content drifts or the safety verdict changes, the response changes.

## MCP

```json
{
  "mcpServers": {
    "sigildex": {
      "url": "https://sigildex.ai/mcp"
    }
  }
}
```

Your agent gets `discover_skills`, `inspect_skill`, and `verify_skill`. Use `verify_skill` when loading a pinned skill or checking CI because it is free and returns only verdict/provenance.

## REST

```bash
curl -X POST https://sigildex.ai/discover \
  -H "Content-Type: application/json" \
  -d '{"query": "PDF text extraction", "limit": 3}'

curl -X POST https://sigildex.ai/inspect \
  -H "Content-Type: application/json" \
  -d '{"skill_id": "<skill_id>", "query_id": "<query_id>"}'

curl "https://sigildex.ai/verify?content_hash=sha256:<hex>"
```

`/discover` returns `results[].skill_id`, nested `safety`, structured `install`, and `meta.index_status`. `/inspect` returns the full content and `pin`. `/verify` re-checks the pin by hash or source URL.

## CLI

```bash
npx @sigildex/cli search "PDF text extraction" --limit 3
npx @sigildex/cli inspect <skill_id> --query-id <query_id> --content-only
npx @sigildex/cli verify --content-hash sha256:<hex>
```

Use `--json` for structured output. No wallet is needed for the free tier or `verify`. Set `SIGILDEX_WALLET_KEY` only when you want automatic paid discovery beyond the free tier.

## Next

- Full reference: [Reference](https://sigildex.ai/docs/api)
- Payment integration: [Payments](https://sigildex.ai/docs/payments)
- Verification, identity, and hashing: [Verification](https://sigildex.ai/docs/identity)