AI News Hub

From curl to agent-ready API package: FirstCall CLI walkthrough (real output)

DEV Community
Monde kim

When you hand an AI agent a raw curl command with an API key baked in, you're trusting it - and every tool it calls - to never log, retry, or forward that secret. That trust is hard to audit.

FirstCall is a local-first Rust workbench that turns verified API calls into redacted agent packages. Secret values are stripped before export. A 112-check validator runs before any agent can import the package. HTTP actually executes locally before a recipe is promoted - no "trust me it works."

Here is the full CLI lifecycle, run live against the v0.1.0 release binary.

    $ firstcall-cli version
    firstcall-cli 0.1.0

    $ firstcall-cli package \
      --recipe-json fixtures/verified-agent-recipe.json \
      --out ./tmp/demo-pkg
    Exported agent package to ./tmp/demo-pkg

    $ firstcall-cli validate-package --dir ./tmp/demo-pkg
    Package: ./tmp/demo-pkg
    Status: valid
    Checks passed: 112
    Warnings: 0
    Errors: 0
    MCP compile smoke: not_requested

112 checks cover manifest integrity, redaction invariants, slot/auth consistency, and import-readiness flags.

    $ firstcall-cli inspect-package --dir ./tmp/demo-pkg
    Validation status: valid
    Import readiness: ready
    Requires local re-verification: yes
    Raw secrets imported: no
    Validation checks passed: 112
    Validation errors: 0

Requires local re-verification: yes is set automatically on every import. A recipe cannot be re-exported without running local HTTP verification first.

    $ firstcall-cli import-package --dir ./tmp/demo-pkg
    Import status: imported
    Imported recipe id: 1
    Recipe: example_update_user
    Method: POST
    URL template: https://api.example.com/users/${user_id}?api_key=${FIRSTCALL_API_KEY}
    Requires local re-verification: yes
    Secrets imported: no
    App storage modified: yes

    $ firstcall-cli recipe-list
    Recipes: 1
    - ID: 1
      Recipe: example_update_user
      Method: POST
      Auth style: bearer
      Requires local re-verification: yes

The URL template shows named slots (${user_id}, ${FIRSTCALL_API_KEY}) - actual values are never stored in the package.
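To audit the "secret values are stripped before export" claim independently of the tool's own validator, you can scan an exported package directory for the credential in the encodings it most often leaks in. This is an added example, not FirstCall code: the file names, the sample secret and the helper names are constructed for illustration, and nothing here assumes FirstCall's real package layout.

```python
import base64
import os
import tempfile
from urllib.parse import quote

def secret_variants(secret):
    """Encodings in which a credential commonly ends up in exported files."""
    raw = secret.encode()
    candidates = [
        ("raw", raw),
        ("url-encoded", quote(secret, safe="").encode()),
        ("base64", base64.b64encode(raw).rstrip(b"=")),
        ("base64url", base64.urlsafe_b64encode(raw).rstrip(b"=")),
    ]
    unique, seen = [], set()
    for label, needle in candidates:  # drop encodings identical to an earlier one
        if needle not in seen:
            seen.add(needle)
            unique.append((label, needle))
    return unique

def scan_package(pkg_dir, secret):
    """Return sorted (relative path, encoding) pairs for files containing the secret."""
    hits = []
    for root, _dirs, files in os.walk(pkg_dir):
        for name in files:
            path = os.path.join(root, name)
            with open(path, "rb") as fh:
                data = fh.read()
            for label, needle in secret_variants(secret):
                if needle in data:
                    hits.append((os.path.relpath(path, pkg_dir), label))
    return sorted(hits)

def build_demo_package(secret, leak):
    """Constructed sample directory; file names are hypothetical, not FirstCall's layout."""
    pkg = tempfile.mkdtemp(prefix="demo-pkg-")
    with open(os.path.join(pkg, "recipe.json"), "w") as fh:
        fh.write('{"url": "https://api.example.com/users/${user_id}'
                 '?api_key=${FIRSTCALL_API_KEY}"}\n')
    if leak:  # simulate a token that slipped through in Base64 form
        with open(os.path.join(pkg, "debug.log"), "w") as fh:
            fh.write("token_b64=%s\n" % base64.b64encode(secret.encode()).decode())
    return pkg

if __name__ == "__main__":
    demo_secret = "sk_test+demo/123"  # constructed value, not a real key
    for leak in (False, True):
        print(leak, scan_package(build_demo_package(demo_secret, leak), demo_secret))
```

A match only proves the secret encoded on its own; a credential concatenated with other data before encoding (for example inside a Basic auth pair) needs its own variant added to the list.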
    $ FIRSTCALL_BEARER_TOKEN=$GITHUB_TOKEN \
      firstcall-cli verify --recipe-json fixtures/github-user-recipe.json
    Recipe: GitHub Authenticated User
    Method: GET
    URL template: https://api.github.com/user
    HTTP status: 200
    Outcome: success
    Blocker: none
    Updated verification time: 2026-05-15T01:46:16Z

HTTP 200, real GitHub endpoint, token never written to output.

The same trust chain runs in the desktop GUI: paste a curl command or OpenAPI spec, review the parsed candidate, fill runtime slots and auth, execute locally, review the attempt, promote to recipe.

Download a binary for your OS from GitHub Releases - the download includes both firstcall (GUI) and firstcall-cli. Or build from source:

    cargo build --locked

CLI-only (no GUI dependencies):

    cargo build --locked --bin firstcall-cli --no-default-features

Supported input formats: curl, OpenAPI (local JSON/YAML), Postman Collection, HAR, .http/.rest, Hurl, Bruno/OpenCollection. GraphQL-over-HTTP is detected from JSON bodies. Remote OpenAPI $ref and multipart file uploads are not supported in v0.1.

Repo: rad1092/firstcall-local-api-workbench
Release: v0.1.0
CLI docs: docs/cli-lifecycle.md