Authenticate using an OAuth 2 access token obtained via the mod.io authentication flow (email, Steam, Epic, or other supported identity provider)
Create a mod record first with POST /games/{game-id}/mods, supplying name, summary, and visibility fields; capture the returned mod ID
Upload the mod archive as a multipart/form-data POST to /games/{game-id}/mods/{mod-id}/files, attaching the zip file under the filedata field and providing version and changelog fields
Poll the returned modfile object's virus_status field until it transitions from pending to confirmed clean before announcing the mod as available
If your game has manual curation enabled, notify your moderation team that a new modfile is pending review in the approval queue
Known gotchas
mod.io requires the mod archive to be a zip file; other archive formats are rejected at upload time
Virus scanning is asynchronous; making a mod live before virus_status is confirmed can expose players to unscanned content
The OAuth token must belong to the account that owns the mod or a team member with sufficient permissions; a game API key alone cannot submit modfiles on behalf of users
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp