Governed ability

Upload media

aafm/upload-media Guarded write

Upload an image from base64 data (jpg, png, gif, webp; SVG rejected).

How it is governed

The same model as every ability in the plugin, stated for this one.

  • Off until you enable it

    Like every ability, Upload media ships switched off. You turn it on one at a time, and an update never widens access on its own.

  • Guarded write

    Writes stay conservative, and the plugin re-checks the capability before the call runs.

  • Capability gated

    A connection only sees Upload media if the user you connected can run it, and the plugin checks that capability again before it executes.

  • Every call audited

    The call is written to the log in your own database, denials included, with the argument keys but never the values.

See it in action

An illustrative run. Your real calls and data stay on your own site.

agent-abilities · audit Governed
You Upload media on this site.
Run Running aafm/upload-media
Gate Allowed capability re-checked before running
Audit aafm/upload-media · principal: editor · args: attachment_id
Result Applies the change, then writes the call to the audit log.

Try it with a prompt

Example requests you could paste to your agent.

  1. Upload this base64 PNG into the media library.
  2. Add the attached JPEG to the library so I can use it as a featured image.
  3. Import this base64 WebP graphic into the media library.

These are illustrative example prompts. The agent runs them as the user you connected, checked against that user's capabilities and written to your audit log.

Frequently asked

Short answers for Upload media.

What file types are accepted?

Images provided as base64 data in jpg, png, gif, or webp format. SVG uploads are rejected, since SVG can carry active markup.

How is uploading controlled?

It is a guarded write, off by default, and capability-gated. Every upload is written to the plugin audit log with the acting user.

Back to all abilities

Governed by default, from the first call.

Upload media is off until you enable it, scoped to the user you connect, and logged like everything else. Turn on only what you need.

Every ability off until you enable it, capability-gated on every call.