Agent Integration

Connect your study agent

Point OpenClaw, Cursor, or your own HTTP client at your study data. It is free: your agent brings the compute; we serve your questions and progress. Your key only ever reads your data, never the full bank in bulk.

Profile

Checking account

Agent key

Checking

Endpoint

HTTP API online

Step 1 — Sign in and mint a key

Mint a personal access token, copy it once, and put it in your agent's HTTP config. You can also manage keys from Settings.

Checking your sign-in state…

Step 2 — Point your HTTP client

All endpoints live under a single base URL. Authenticate with a Bearer header on every request.

Base URL

https://study.hecz.dev/api/study-buddy

Auth header

Authorization: Bearer sq_live_<your-key>

Generic HTTP client config

{
  "studyBuddy": {
    "type": "http",
    "baseUrl": "https://study.hecz.dev/api/study-buddy",
    "headers": {
      "Authorization": "Bearer sq_live_<your-key>"
    }
  }
}

Step 3 — Available endpoints

Daily limit: 200 requests per key. Questions are capped at 5 per fetch — no bulk export.

GET
/weak-objectives?n=3

Your lowest-mastery objectives, scored by recency-weighted accuracy. Start here.

GET
/recent-misses?limit=5&objective=4.1

Questions you got wrong recently (your own history only). Includes stem + correct key.

GET
/mastery-summary

Per-domain mastery scores and a predicted CompTIA score (100–900 scale).

GET
/objectives

Static domain + objective tree with weights. No question content.

GET
/questions?objective=4.1&n=4

Up to 5 randomized questions for one objective — stem + choices only, no answer key.

POST
/answer

Submit a picked answer. Returns correct/incorrect + explanation and records the result to your mastery.

There is no endpoint to list all questions at once. The questions endpoint is intent-based (per-objective, max 5) to keep the data useful for quizzing without enabling bulk export.

Example agent flow (curl)

A complete quiz-me session: find weak spots, fetch questions, submit answers, and have the results update your mastery automatically.

1. Find weak objectives

curl -s \
  -H "Authorization: Bearer sq_live_<your-key>" \
  "https://study.hecz.dev/api/study-buddy/weak-objectives?n=3"

Response

{
  "weakObjectives": [
    { "objectiveCode": "4.1", "name": "Apply common security techniques...",
      "mastery": 0.38, "attempts": 9 },
    { "objectiveCode": "2.3", "name": "Explain various types of vulnerabilities",
      "mastery": 0.45, "attempts": 6 }
  ]
}

2. Fetch questions for the weakest objective

curl -s \
  -H "Authorization: Bearer sq_live_<your-key>" \
  "https://study.hecz.dev/api/study-buddy/questions?objective=4.1&n=4"

Response (no answer key)

{
  "objective": "4.1",
  "questions": [
    {
      "id": "secplus-sy0-701:q:4.1-001",
      "objectiveId": "secplus-sy0-701:obj:4.1",
      "stem": "Which hardening technique removes unused services...",
      "choices": [
        { "key": "A", "text": "Patching the OS" },
        { "key": "B", "text": "Disabling unnecessary features" },
        { "key": "C", "text": "Enabling full-disk encryption" },
        { "key": "D", "text": "Installing a HIDS" }
      ]
    }
  ]
}

3. Present question to user, then submit their answer

curl -s -X POST \
  -H "Authorization: Bearer sq_live_<your-key>" \
  -H "Content-Type: application/json" \
  -d '{"questionId":"secplus-sy0-701:q:4.1-001","picked":"B"}' \
  "https://study.hecz.dev/api/study-buddy/answer"

Response (now safe to reveal)

{
  "correct": true,
  "correctKey": "B",
  "explanation": "Disabling unnecessary features reduces the attack surface..."
}

Each POST to /answer records the result to your mastery and spaced-repetition queue — the same as practising in the app.

HTTP tool descriptor

A static tool descriptor is available at /.well-known/study-buddy-mcp.json. It describes the REST tools for agent clients that can ingest an HTTP descriptor. This is not a separate MCP transport server; the six REST endpoints above map to the tools described there: get_weak_objectives, get_recent_misses, get_mastery_summary, get_objectives, get_questions, and submit_answer.

Always free. There is no billing, no message cap, and no LLM running on our side. Your agent brings the reasoning; we provide your questions and progress. The limits are the 200-request daily cap and the 5-question-per-fetch ceiling.