This document covers live API features that are easy to miss in the README.
It is based on the current code in src/api/routes/ and related modules.
Tandem currently exposes 301 HTTP routes across the API and security route
modules.
Opens a new tab.
- `url`: optional, defaults to `about:blank`
- `groupId`: optional
- `source`: optional; one of `robin`, `kees`, or `wingman`
- `focus`: optional boolean, defaults to `true`
- `inheritSessionFrom`: optional string tab id
If inheritSessionFrom points at an existing source tab, Tandem will:
- open the destination tab
- dump IndexedDB data from the source tab
- restore that IndexedDB data into the new tab
- reload the destination page
This is intended for sites that keep login state in IndexedDB instead of cookies or localStorage.
If the source tab does not exist, Tandem still opens the tab and ignores the inheritance request.
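The inheritance flow above, as an added example that is not Tandem's own code: an in-memory model of the open-tab handler in which a tab always opens, IndexedDB state is deep-copied from the source tab when it exists, and the request is ignored when it does not. The tab ids, the `TabRegistry` API and the dump shape (`{db: {store: [records]}}`) are assumptions made for this illustration.

```python
# Added example, not Tandem's own code: an in-memory model of the open-tab
# handler's inheritSessionFrom behaviour. Tab ids, the TabRegistry API and
# the IndexedDB dump shape ({db: {store: [records]}}) are assumptions.
import itertools
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Tab:
    id: str
    url: str
    # Constructed stand-in for the tab's IndexedDB contents
    indexeddb: dict = field(default_factory=dict)
    reloads: int = 0


def dump_indexeddb(tab: Tab) -> dict:
    """Copy every database/store so later writes in the source tab do not
    leak into the destination (a shallow copy would share the record lists)."""
    return {
        db: {store: [dict(r) for r in rows] for store, rows in stores.items()}
        for db, stores in tab.indexeddb.items()
    }


def restore_indexeddb(tab: Tab, dump: dict) -> None:
    """Replace the destination tab's IndexedDB contents with the dump."""
    tab.indexeddb = dump


class TabRegistry:
    def __init__(self) -> None:
        self._tabs: dict = {}
        self._ids = itertools.count(1)

    def add(self, url: str, indexeddb: Optional[dict] = None) -> Tab:
        tab = Tab(id=f"tab-{next(self._ids)}", url=url, indexeddb=indexeddb or {})
        self._tabs[tab.id] = tab
        return tab

    def get(self, tab_id: str) -> Optional[Tab]:
        return self._tabs.get(tab_id)

    def open_tab(self, url: str = "about:blank",
                 inherit_session_from: Optional[str] = None) -> dict:
        """Open a tab; if inherit_session_from names an existing tab, copy its
        IndexedDB state across and reload the new page so it sees that state."""
        dest = self.add(url)                      # the tab always opens
        source = self.get(inherit_session_from) if inherit_session_from else None
        if source is None:
            # Unknown source tab: the inheritance request is silently ignored
            return {"tabId": dest.id, "url": dest.url, "sessionInherited": False}
        restore_indexeddb(dest, dump_indexeddb(source))
        dest.reloads += 1                         # reload the destination page
        return {"tabId": dest.id, "url": dest.url, "sessionInherited": True}


if __name__ == "__main__":
    reg = TabRegistry()
    src = reg.add("https://app.example", {"auth": {"tokens": [{"id": 1}]}})
    print(reg.open_tab("https://app.example/dashboard", inherit_session_from=src.id))
    print(reg.open_tab("https://app.example/dashboard", inherit_session_from="tab-404"))
```

The deep copy matters: whatever the site keeps in IndexedDB (typically its login tokens) is duplicated into the new tab, so the two tabs must not share mutable state afterwards, and the response tells the caller whether inheritance actually happened rather than failing silently.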
Use `X-Tab-Id: <tabId>` when you want to inspect or evaluate a background tab
without focusing it first.
- `GET /snapshot`
- `GET /page-content`
- `GET /page-html`
- `POST /execute-js`
- `POST /wait`
- `GET /links`
- `GET /forms`
POST /execute-js also still accepts tabId in the JSON body, but the header
is the preferred targeting mechanism.
Snapshot refs now remember which tab produced them, so /snapshot/text,
/snapshot/click, and /snapshot/fill keep resolving against that source tab
instead of whichever tab happens to be active later.
The injection scanner sits on agent-facing content routes:
- `GET /page-content`
- `GET /page-html`
- `GET /snapshot`
- `GET /snapshot/text`
- `POST /execute-js`
It scans returned text and HTML for prompt-injection patterns.
- score < 30: response passes unchanged
- score 30-69: response passes with `injectionWarnings`
- score >= 70: response is blocked unless the domain has an active override
Warning responses add:
```json
{
  "injectionWarnings": {
    "riskScore": 42,
    "findingCount": 2,
    "summary": "…",
    "findings": [
      {
        "id": "ignore_previous",
        "severity": "critical",
        "category": "instruction_override",
        "description": "Attempts to override prior instructions",
        "matchedText": "ignore previous instructions"
      }
    ]
  }
}
```
Blocked responses do not include the original page payload.
Temporarily bypasses prompt-injection blocking for one domain.
```json
{ "domain": "example.com" }
```
- grants a 5-minute override
- intended for explicit user confirmation after a block event
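The score bands, the warning payload and the 5-minute domain override described above, as an added example that is not Tandem's own code. How the scanner derives findings and scores is not documented here, so they are passed in; `SAMPLE_FINDINGS` is constructed from the warning example on this page, and the class and function names (`OverrideStore`, `apply_injection_policy`) are assumptions.

```python
# Added example, not Tandem's own code: applying the three score bands and
# the 5-minute per-domain override to a scanner result. How the scanner
# produces findings and scores is not on the page, so scores/findings are
# passed in; SAMPLE_FINDINGS below is constructed from the page's own
# warning example. Function and class names are assumptions.
import time
from typing import Callable, Dict, List, Tuple

PASS, WARN, BLOCK = "pass", "warn", "block"
OVERRIDE_SECONDS = 5 * 60

SAMPLE_FINDINGS: List[dict] = [
    {
        "id": "ignore_previous",
        "severity": "critical",
        "category": "instruction_override",
        "description": "Attempts to override prior instructions",
        "matchedText": "ignore previous instructions",
    }
]


class OverrideStore:
    """Per-domain overrides that lapse five minutes after being granted."""

    def __init__(self, clock: Callable[[], float] = time.time) -> None:
        self._clock = clock
        self._expires: Dict[str, float] = {}

    def grant(self, domain: str) -> float:
        expiry = self._clock() + OVERRIDE_SECONDS
        self._expires[domain.lower()] = expiry
        return expiry

    def is_active(self, domain: str) -> bool:
        key = domain.lower()
        expiry = self._expires.get(key)
        if expiry is None:
            return False
        if self._clock() >= expiry:
            del self._expires[key]   # expired: forget it so it cannot be reused
            return False
        return True


def apply_injection_policy(payload: dict, risk_score: int, findings: List[dict],
                           domain: str, overrides: OverrideStore) -> Tuple[str, dict]:
    """Return (decision, response body) for one content-route response."""
    if risk_score < 30:
        return PASS, payload                       # passes unchanged
    if risk_score >= 70 and not overrides.is_active(domain):
        # Blocked: the original page payload is deliberately not included
        return BLOCK, {"blocked": True, "riskScore": risk_score,
                       "findingCount": len(findings), "domain": domain}
    # 30-69, or >= 70 with an active override: pass, with warnings attached.
    # (Attaching warnings in the override case is an assumption.)
    body = dict(payload)
    body["injectionWarnings"] = {
        "riskScore": risk_score,
        "findingCount": len(findings),
        "summary": "; ".join(f["description"] for f in findings),
        "findings": findings,
    }
    return WARN, body


if __name__ == "__main__":
    store = OverrideStore()
    print(apply_injection_policy({"text": "page"}, 85, SAMPLE_FINDINGS, "example.com", store))
    store.grant("example.com")
    print(apply_injection_policy({"text": "page"}, 85, SAMPLE_FINDINGS, "example.com", store))
```

The clock is injectable so the expiry can be tested without sleeping; the override is keyed on the lower-cased domain and is dropped on first use after expiry, so a stale grant cannot keep a high-risk page unblocked.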
Builds the signed OpenClaw gateway connect payload used by Tandem's in-app Wingman chat.
- `nonce`: required
Returns:
```json
{ "params": { "...": "signed connect payload" } }
```
- `400` if `nonce` is missing
- `404` if `~/.openclaw/openclaw.json` is missing
Exports the current network log in HAR format.
- `limit`: optional, defaults to `100`
- `domain`: optional filter
- returns HAR JSON
- sets `Content-Disposition` so the response downloads as a `.har` file
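The HAR export described above, as an added example that is not Tandem's own code: a network log is reduced to the newest `limit` entries (default 100), optionally restricted to one domain, mapped onto a HAR 1.2 document, and paired with the `Content-Disposition` header that makes a browser save it as a `.har` file. The log-entry shape, the exact-host domain match and the function names are assumptions; `SAMPLE_LOG` is constructed, not captured traffic.

```python
# Added example, not Tandem's own code: turning a network log into a HAR 1.2
# document with the limit (default 100) and domain filter behaviour described
# above, plus the Content-Disposition header that makes the response download
# as a .har file. The log-entry shape, the exact-host domain match and the
# function names are assumptions; SAMPLE_LOG is constructed, not real traffic.
from datetime import datetime, timezone
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

SAMPLE_LOG: List[dict] = [
    {"ts": "2024-01-01T10:00:00.000Z", "method": "GET", "url": "https://example.com/",
     "status": 200, "mime": "text/html", "size": 5120, "duration_ms": 120},
    {"ts": "2024-01-01T10:00:01.000Z", "method": "GET", "url": "https://cdn.example.net/app.js",
     "status": 200, "mime": "application/javascript", "size": 40960, "duration_ms": 80},
    {"ts": "2024-01-01T10:00:02.000Z", "method": "POST", "url": "https://example.com/api/login",
     "status": 302, "mime": "text/html", "size": 0, "duration_ms": 210},
]


def to_har_entry(e: dict) -> dict:
    """Map one log entry onto the minimal fields a HAR 1.2 entry requires."""
    return {
        "startedDateTime": e["ts"],
        "time": e["duration_ms"],
        "request": {"method": e["method"], "url": e["url"], "httpVersion": "HTTP/1.1",
                    "cookies": [], "headers": [], "queryString": [],
                    "headersSize": -1, "bodySize": -1},
        "response": {"status": e["status"], "statusText": "", "httpVersion": "HTTP/1.1",
                     "cookies": [], "headers": [],
                     "content": {"size": e["size"], "mimeType": e["mime"]},
                     "redirectURL": "", "headersSize": -1, "bodySize": e["size"]},
        "cache": {},
        "timings": {"send": 0, "wait": e["duration_ms"], "receive": 0},
    }


def export_har(log: List[dict], limit: int = 100,
               domain: Optional[str] = None) -> Tuple[dict, dict]:
    """Return (har_document, response_headers) for the most recent `limit`
    entries, optionally restricted to requests whose host equals `domain`."""
    entries = log
    if domain:
        host = domain.lower()
        entries = [e for e in entries if (urlsplit(e["url"]).hostname or "") == host]
    if limit > 0:
        entries = entries[-limit:]          # keep the newest entries
    har = {"log": {"version": "1.2",
                   "creator": {"name": "tandem-har-example", "version": "0"},
                   "entries": [to_har_entry(e) for e in entries]}}
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
    headers = {
        "Content-Type": "application/json",
        # attachment + a .har filename is what makes browsers download the body
        "Content-Disposition": f'attachment; filename="tandem-{stamp}.har"',
    }
    return har, headers


if __name__ == "__main__":
    doc, hdrs = export_har(SAMPLE_LOG, limit=2, domain="example.com")
    print(hdrs["Content-Disposition"], [e["request"]["url"] for e in doc["log"]["entries"]])
```

A real export carries request and response headers and cookies for every captured exchange, which normally includes session cookies and bearer tokens, so the resulting `.har` file should be handled as a credential-bearing artifact.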
Routes:
- `GET /integrations/google-photos/status`
- `POST /integrations/google-photos/config`
- `POST /integrations/google-photos/connect`
- `POST /integrations/google-photos/disconnect`
- `GET /google-photos/oauth/callback`
These endpoints support local OAuth configuration, connect or disconnect, and the callback flow used for screenshot uploads.
Routes:
- `GET /previews`
- `POST /preview`
- `PUT /preview/:id`
- `GET /preview/:id/meta`
- `GET /preview/:id`
- `DELETE /preview/:id`
- `GET /previews/index`

- previews are stored under `~/.tandem/previews/`
- `POST /preview` creates a preview and opens it in a new tab by default
- `PUT /preview/:id` updates it and increments its version
- `GET /preview/:id` serves the preview HTML with injected live reload polling
- preview pages are public routes so they can be opened directly in a browser tab
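The preview lifecycle above, as an added example that is not Tandem's own code: an in-memory store where create sets version 1, every update bumps the version, and serving splices a small polling script before `</body>` that reloads the page when `/preview/:id/meta` reports a newer version. Tandem keeps previews on disk under `~/.tandem/previews/`; this model keeps them in memory. The meta JSON shape, the 1-second poll interval, the injected script and the method names are assumptions.

```python
# Added example, not Tandem's own code: an in-memory preview store with the
# create / update-and-bump-version / serve-with-live-reload behaviour listed
# above. Tandem keeps previews on disk under ~/.tandem/previews/; this model
# keeps them in memory. The meta JSON shape, the 1-second poll interval, the
# injected script and the method names are assumptions.
import itertools
from typing import Dict, List, Optional

LIVE_RELOAD_SCRIPT = """<script>
(function () {
  var served = __VERSION__;
  setInterval(function () {
    fetch("/preview/__ID__/meta")
      .then(function (r) { return r.json(); })
      .then(function (m) { if (m.version !== served) { location.reload(); } })
      .catch(function () {});            /* server gone: keep polling quietly */
  }, 1000);
})();
</script>"""


class PreviewStore:
    def __init__(self) -> None:
        self._previews: Dict[str, dict] = {}
        self._ids = itertools.count(1)   # ids are generated here, never caller-supplied

    def create(self, html: str, title: Optional[str] = None) -> dict:
        pid = f"p{next(self._ids)}"
        self._previews[pid] = {"id": pid, "title": title or pid, "version": 1, "html": html}
        return self.meta(pid)

    def update(self, pid: str, html: str, title: Optional[str] = None) -> dict:
        p = self._previews[pid]          # KeyError for an unknown id (a 404 in the API)
        p["html"] = html
        p["version"] += 1                # every PUT bumps the version
        if title:
            p["title"] = title
        return self.meta(pid)

    def meta(self, pid: str) -> dict:
        p = self._previews[pid]
        return {"id": p["id"], "title": p["title"], "version": p["version"]}

    def serve(self, pid: str) -> str:
        """Return the preview HTML with the reload poller injected before </body>."""
        p = self._previews[pid]
        # Splicing the id into JS is safe only because ids are our own "p<N>" values
        script = (LIVE_RELOAD_SCRIPT.replace("__ID__", p["id"])
                  .replace("__VERSION__", str(p["version"])))
        html = p["html"]
        idx = html.lower().rfind("</body>")
        return html + script if idx == -1 else html[:idx] + script + html[idx:]

    def delete(self, pid: str) -> bool:
        return self._previews.pop(pid, None) is not None

    def index(self) -> List[dict]:
        return [self.meta(pid) for pid in self._previews]


if __name__ == "__main__":
    store = PreviewStore()
    print(store.create("<html><body><h1>draft</h1></body></html>", title="demo"))
    print(store.update("p1", "<html><body><h1>draft 2</h1></body></html>"))
    print(store.serve("p1"))
```

Because the page notes that preview routes are public, anything placed in a preview is readable by whoever can reach the Tandem port without authentication; the version counter is what the poller compares, so the meta endpoint needs no payload beyond id, title and version.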
Returns a compact agent-oriented view of the active browsing state.
- readiness state
- active tab id, URL, and title
- viewport and scroll data when available
- a short text excerpt from the active page
- all open tabs with active-state markers
Use this when the agent needs context without separately polling /status and
content endpoints.