# AI assistants for DALP operators

Source: https://docs.settlemint.com/docs/operators/ai-agents/overview
Understand how AI assistants use the DALP CLI, MCP tools, and generated skills while staying inside the operator account, organisation, role, and approval boundaries.



AI assistants run inside the DALP CLI session you give them. The assistant can inspect platform state, prepare CLI commands, and summarise structured output. The assistant does not get a separate authority model. Every command uses the authenticated account, active organisation, assigned roles, and DALP validation.

<Callout type="info" title="For developers">
  If you are integrating coding agents into build, test, or scripting workflows, use the [CLI AI agent integration
  guide](/docs/developers/cli/ai-agents). This page is for operators deciding how AI assistants fit into platform
  work.
</Callout>

## What the assistant can control [#what-the-assistant-can-control]

The assistant is not a separate DALP role. It uses the CLI session you give it, so the same permission checks, organisation scope, and API validation apply.

| Work area                | Typical assistant task                                                                        | Control that still applies                                                             |
| ------------------------ | --------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- |
| Token operations         | List assets, inspect supply, prepare mint or pause commands, and explain current token state. | The account must have the token permissions required by the underlying operation.      |
| Identity and KYC         | Find users without verified identity, inspect KYC status, and help prepare follow-up work.    | KYC, identity, and trusted-issuer rules remain platform controls.                      |
| Compliance configuration | Compare token compliance modules and prepare configuration commands.                          | Compliance changes require the same roles and approvals as manual CLI or dapp work.    |
| Reporting                | Summarise token, holder, and operational data from structured CLI output.                     | The assistant only sees data exposed to the authenticated user.                        |
| Troubleshooting          | Check authentication, organisation context, command output, and platform errors.              | The assistant cannot bypass missing roles, expired sessions, or API validation errors. |

<Mermaid
  chart="flowchart TD
    operator[Operator approves scope and final actions] --> assistant[AI assistant prepares work]
    assistant --> shell[CLI shell commands]
    assistant --> mcp[MCP tool calls]
    assistant --> skills[Generated CLI skills]
    shell --> cli[DALP CLI session]
    mcp --> cli
    skills --> cli
    cli --> context[Authenticated account and active organisation]
    context --> controls[DALP roles, permissions, and API validation]
    controls --> platform[Tokens, identities, compliance, and reporting]
    platform --> evidence[DALP records, transaction output, and API responses]
    evidence --> operator"
/>

The operator chooses the session and approves privileged actions. The assistant can prepare work through shell commands, MCP tools, or generated CLI skills, but those paths all converge on the same DALP CLI session. DALP records, transaction output, and API responses remain the evidence source after the run.

## Choose the right integration mode [#choose-the-right-integration-mode]

| Mode               | Use it when                                                                            | Setup path                                                  | Review boundary                                      |
| ------------------ | -------------------------------------------------------------------------------------- | ----------------------------------------------------------- | ---------------------------------------------------- |
| CLI shell commands | The assistant can run terminal commands and parse JSON output.                         | Install the CLI, authenticate, and set JSON output.         | Review the exact shell command before mutation.      |
| MCP tools          | The assistant supports MCP and should call typed DALP tools instead of shell commands. | Register the DALP CLI as an MCP server with `dalp mcp add`. | Review the selected tool, inputs, and target record. |
| CLI skills         | The assistant discovers Markdown skill files and uses them as command guidance.        | Install generated skills with `dalp skills add`.            | Treat skills as guidance, not authorisation.         |

The CLI exposes the same operational surface in each mode. MCP avoids shell parsing by presenting commands as typed tools. Skills give agents command-specific instructions and examples.

## Before you start [#before-you-start]

Give the assistant the narrowest CLI session that can do the job. The assistant inherits the authenticated account, active organisation, visible data, and platform roles. If the account can mint, pause, invite users, or change compliance settings, the assistant can prepare the same operations. Keep the final approval step with a human operator for any action that changes token state, identity records, compliance configuration, or platform access.

Use a separate operator account for agent-assisted work when your operating model requires tighter supervision. That account should have only the roles needed for the task, and the operator should switch to the target organisation before the assistant starts.

## Set up an operator workstation [#set-up-an-operator-workstation]

### 1. Install and authenticate the CLI [#1-install-and-authenticate-the-cli]

```bash
npm install -g @settlemint/dalp-cli
dalp login --url https://your-platform.example.com
```

Confirm the session before giving the assistant access:

```bash
dalp whoami --format json
```

### 2. Pin the organisation context [#2-pin-the-organisation-context]

Operations are scoped to the active organisation. Switch organisation before starting an assistant session when the workstation has access to more than one organisation.

```bash
dalp auth org-list --format json
dalp auth org-switch <organizationId> --format json
```

### 3. Use JSON output for shell-based agents [#3-use-json-output-for-shell-based-agents]

```bash
dalp config set format json
```

Structured output gives the assistant stable fields to parse instead of terminal tables.

### 4. Register MCP and skills when your assistant supports them [#4-register-mcp-and-skills-when-your-assistant-supports-them]

```bash
dalp mcp add
dalp skills add
dalp skills list
```

`dalp mcp add` registers the CLI as an MCP server for supported local agents. `dalp skills add` installs command guidance that agents can discover before they run DALP commands.

## Control privileged actions [#control-privileged-actions]

Use AI assistants for preparation, inspection, and repeatable command execution. Keep approval and accountability with the operator.

Require human review before an assistant runs commands that change regulated asset state or platform access. Treat these actions as review-required by default:

* creating, pausing, unpausing, minting, burning, or transferring assets
* changing token permissions or platform access roles
* approving identity, KYC, or compliance records
* changing trusted issuers, compliance templates, feeds, or provider settings
* replaying webhooks, resubmitting failed operations, or retrying a mutation after an unclear result

Apply these operating rules to every assistant-assisted run:

* Ask the assistant to query state before it proposes a mutation.
* Review the exact command, target token, amount, recipient, and organisation before any state change.
* Keep high-risk operations under the same approval process used for dapp or CLI work.
* Use roles to limit what the authenticated account can do. Do not rely on prompt wording as a permission control.
* Keep production credentials in the local credential store. Do not paste tokens, private keys, recovery codes, or customer data into the assistant conversation.
* Treat assistant output as a draft until the operator checks DALP records, transaction output, or API responses.
* Capture operational evidence from DALP records and transaction output, not from the assistant's summary alone.

## Safe operating pattern [#safe-operating-pattern]

Use this pattern for any assistant-controlled DALP task:

1. Inspect current state with read-only commands.
2. Ask the assistant to propose one exact mutation command or MCP tool input.
3. Review the command, organisation, target resource, and expected effect.
4. Run the approved command with `--format json` when the action uses the shell.
5. Inspect the target state again when the result is unclear.
6. Store the DALP response, transaction reference, action record, or event output as evidence.

```bash
# Inspect the current account and roles.
dalp whoami --format json
dalp system access-manager roles-list --format json

# Inspect the target record before asking the assistant to prepare a change.
dalp tokens read <tokenAddress> --format json
```

Do not let an assistant retry a failed mutation blindly. If the command timed out or returned an unclear error, inspect the target state again before retrying.

## Prompt examples with command patterns [#prompt-examples-with-command-patterns]

Use prompts that force the assistant to inspect before acting. Include the expected DALP command pattern when the task depends on a specific product surface.

### Token inspection [#token-inspection]

```text
List all equity tokens in the active organisation. Do not make changes. Use DALP CLI JSON output and return the token name, symbol, address, total supply, and paused status.
```

Expected command pattern:

```bash
dalp tokens list --format json
```

### Identity review [#identity-review]

```text
Check which users do not have verified identity. Group them by current status and propose the next manual action for each group. Do not approve, invite, or issue claims.
```

Expected command pattern:

```bash
dalp users list --format json
dalp kyc profile <userId> --format json
dalp kyc versions <userId> --format json
```

### Compliance preparation [#compliance-preparation]

```text
Inspect this token's compliance configuration. Tell me which controls are active, which roles can update them, and what command you would run if I approve the change. Do not run the command.
```

Start by checking account and role context:

```bash
dalp whoami --format json
dalp system access-manager roles-list --format json
```

Then inspect token compliance before proposing a change:

```bash
dalp tokens compliance <tokenAddress> --format json
```

Before running `dalp tokens add-compliance-module`, `dalp tokens remove-compliance-module`, or `dalp tokens set-compliance-module-params`, the operator approves the exact command.

## What the assistant should return [#what-the-assistant-should-return]

Before a human approves a privileged command, ask the assistant for a short run note with these facts:

| Fact                               | Why it matters                                                              |
| ---------------------------------- | --------------------------------------------------------------------------- |
| Active organisation                | Prevents the assistant from acting in the wrong tenant.                     |
| Target record                      | Confirms the asset, identity, feed, or role being changed.                  |
| Read-only checks performed         | Shows which DALP state the assistant inspected before proposing the action. |
| Proposed command or MCP tool input | Lets a human review the exact operation before execution.                   |
| Expected effect                    | Makes the state change and rollback or recovery path explicit.              |

Keep secrets, private keys, and recovery material out of the run note.

## What stays outside the assistant [#what-stays-outside-the-assistant]

Prompts and skill files are not security controls. Keep these controls outside the assistant:

* DALP roles and organisation membership
* wallet custody and transaction signing policy
* approval policy for privileged operations
* secrets, API keys, private keys, and recovery material
* incident escalation and final operational sign-off

The assistant can prepare and run commands, but the platform account, wallet controls, and human approval process decide what is allowed.

## Troubleshooting [#troubleshooting]

### DALP tools are not available [#dalp-tools-are-not-available]

1. Check that the CLI is installed.

   ```bash
   dalp --version
   ```

2. Check authentication.

   ```bash
   dalp whoami --format json
   ```

3. Re-run MCP registration if your assistant supports MCP.

   ```bash
   dalp mcp add
   ```

4. Restart the assistant after configuration changes.

### Authentication required [#authentication-required]

The CLI session may be missing or expired.

```bash
dalp login --url https://your-platform.example.com
```

Restart the assistant after login so it can use the refreshed CLI session.

### Permission denied [#permission-denied]

The authenticated account lacks the required role for the operation. Check the current account and ask a platform administrator to grant the needed role.

```bash
dalp whoami --format json
dalp system access-manager roles-list --format json
```

## Next steps [#next-steps]

* Read [CLI AI agent integration](/docs/developers/cli/ai-agents) to wire shell commands, MCP registration, and skill files into a developer workspace.
* Read [CLI scripting](/docs/developers/cli/scripting) for read-before-mutate shell patterns and structured error handling.
* Use the [command reference](/docs/developers/cli/command-reference) to confirm platform command groups such as `auth`, `whoami`, `tokens`, and `system access-manager` before giving an assistant a task.
* Review [user onboarding](/docs/operators/user-management/user-onboarding) before asking an assistant to help with identity workflows.
* Review the [compliance overview](/docs/operators/compliance/overview) before asking an assistant to prepare compliance changes.
* Follow [SDK integration](/docs/developers/api-integration/sdk) when an assistant prepares application code that calls DALP APIs instead of CLI commands.