Feature catalog
Read feature status, Distinguish live from pending, Cite feature evidence
Agent docs
Bumpgrade exposes feature, roadmap, comparison, commerce, admin, and agent manifest reads through stable source-data routes. Human admin pages remain owner-gated, and write actions require explicit confirmation.
Agent manifestStatus
34 public readsIssue #12 backs this agent surface with manifest data and source evidence.Public reads
Read feature status, Distinguish live from pending, Cite feature evidence
Read public-safe roadmap state, Find blockers and next milestones, Cite issue evidence
Resolve competitor claims, Read retrieved dates, Cite official source URLs
Read supported importer platforms, Resolve importer routes from competitor IDs, Inspect input kinds, platform-specific source checklists, export match templates, preflight signal labels, redacted sourceChecklistReview maps, exportFileAnalysis fields, platformExportMatches, private importReview metadata persistence, private structured import-record contracts, safe extractedFields plans, subscriberImportDepth metadata, subscriberImportPreflight actions, subscriberImportCreation actions, subscriberAudiencePromotion actions, owner-only privateSubscriberRecords inspection rules, owner-only subscriberPrivateExport metadata, private record review routes, review-action routes, extracted-field edit actions, duplicate-review fields, rollback routes, and saved private plan parts, Identify verified-publisher private-draft, private record review, private record review-action, and rollback routes for supported importer platforms, Cite safety gates and unsupported fields before describing migration capability, Cite issue #467 for the active importer feature request
Read redacted commerce architecture, Separate sandbox from live billing, Inspect referral attribution evidence, Inspect review-only commission ledger evidence, Inspect owner review action boundaries, Inspect non-billing post-purchase decision evidence, Inspect write safety rules
Read the free build-before-go-live policy from issue #466, Distinguish live signed-in private Free Build workspace creation from paid go-live actions, Confirm logged-out anonymous structured playground recovery, browser-recovery save limits, owner-gated and scheduled cleanup, additive claim-to-private-draft and private claim-record creation, and signed-in Free Build workspace creation are live, Cite paid go-live gates for publishing, checkout, subscriber sends, domains, and fulfillment
Read the browser-scoped playground contract, Distinguish anonymous save, signed-in claim, owner cleanup routes, and scheduled cleanup triggers, Confirm rapid save limits are scoped to the browser recovery workspace without raw IP or user-agent storage, Confirm claim creates private Free Build workspace, private funnel draft records, and private offer/product/audience/importer-review records, Confirm owner-gated and scheduled cleanup expire old anonymous recovery and clear anonymous draft fields without exposing cleanup actors, Confirm recovery cookie values and token hashes are not public source-data, Cite paid go-live gates before discussing publishing, checkout, sends, domains, or fulfillment
Read public-safe work-log entries, Read user journeys, Read owner attention summaries
Read owner-maintained roadmap records, Inspect status counts, Cite issue and PR evidence when present
Read public-safe work-log entries, Cite shipped PRs and validation evidence, Find recently changed product surfaces
Read named user journeys, Inspect owner/user goals, Cite edge cases and evidence links
Read public-safe owner-attention summaries, Separate blockers from FYI follow-ups, Cite related issues and PRs
Read director-level workstream rollups instead of raw niche work-log noise, Inspect briefing controls for past-day, past-week, executive queue, and workstream-map views, Inspect past 1 day and past 7 days change windows, Read collapsed workstream brief signals for due, doing, next, changed-7-days, and watchlist summaries, Read named recent-change digests for each director window with workstream provenance, Read due-now, in-flight, pending-next, and watchlist executive queue lanes with workstream provenance, Distinguish shipped, in-flight, pending, blocked, at-risk, and owner-action items with evidence links
Discover read contracts, Route to source-data APIs, Understand write boundaries
Read use-case records, Resolve dedicated use-case routes, Read resource hub records, Read pricing caveats
Read the current customer-proof approval policy, Confirm whether public testimonials, logos, metrics, or case studies are approved, Avoid inventing customer proof when approved records are absent
Read signed-in Free Build workspace creation policy, Read paid-plan gate requirements, Read default Bumpgrade subdomain reservation policy, Read custom-domain DNS instruction and verification policy, Read cross-subdomain auth configuration and custom-domain login boundary, Distinguish Bumpgrade subdomains, existing custom domains, and the current no-domain-purchase policy
Read seeded draft funnel, Inspect ordered steps, Inspect page blocks and write boundaries, Inspect reusable funnel templates and block-template write boundaries from issue #159, Discover owner-session template-to-draft creation from issue #161, Discover owner-session checkout-offer linking from issue #163, Discover public linked-checkout start rendering from issue #165, Discover aggregate owner-created product delivery-gate links from issue #409, Discover webinar and resource page-shape templates from issue #213, Discover owner-session private draft duplication from issue #215, Discover owner-session private draft archive/unpublish from issue #341, Discover owner-session archived-draft purge from issue #417, Discover owner-session bulk archived-draft purge from issue #417, Discover owner-session checkout unlinking from issue #417, Discover owner-session resource delivery linking from issue #417, Discover public funnel-scoped resource delivery tokens from issue #417, Discover owner-session agent-created resource delivery tokens from issue #417, Discover redacted resource-delivery receipt evidence from issue #417, Discover owner-session webinar event/replay linking from issue #417, Discover owner-session visual style controls for existing funnel blocks from issue #417, Discover owner-session bounded canvas layout controls for existing funnel blocks from issue #417, Discover owner-session block reordering from issue #417, Discover owner-session drag/drop block placement through existing move endpoints from issue #417, Discover owner-session cross-step block moves from issue #417, Discover owner-session direct agent-safe draft writes for block copy edits, visual style presets, bounded canvas layouts, reusable block add/remove, checkout linking/unlinking, resource-delivery linking, webinar-event linking, block movement, private duplication, public publishing, archive/unpublish, archived-draft purge, and bulk archived-draft purge from issue #417, Discover owner-session granular draft block editing from issue #430, Discover owner-session draft block add/remove controls from issue #432, Discover owner-session editable draft, private preview, and exact-confirmed publish/archive/purge/checkout-unlink/resource-delivery-link/webinar-event-link capability from issues #91, #93, #95, #135, #163, #165, #213, #215, #341, #417, #430, and #432
Read seeded checkout offer stack, Inspect bump and upsell sequence, Inspect confirmed sandbox checkout start boundaries, Inspect optional referral-click attribution evidence, Inspect aggregate non-billing post-purchase decision counts, Inspect aggregate owner-created product delivery-gate counts for the seeded offer/funnel path
Read seeded product catalog, Inspect access rules, Inspect sandbox entitlement grant mappings, Inspect aggregate owner-entitlement counts and redaction flags, Inspect aggregate owner-created product, test checkout, delivery-gate, and test access-grant counts, Discover the customer-safe checkout intent entitlement lookup contract, Discover short-lived private R2-backed download-token boundaries, Discover owner-confirmed private asset upload-intent boundaries, Inspect owner-confirmed non-destructive revocation intent records, Inspect protected content readiness and the checkout-intent-scoped protected fixture delivery boundary, Inspect subscription-backed membership access state from trusted Stripe Billing webhook evidence, Inspect seeded product payment-plan read records without live amount, Stripe Price, or customer data exposure, Inspect entitlement and fulfillment boundaries
Inspect customer-safe product access for a known checkout intent, Confirm entitlement and fulfillment state without private buyer data, Confirm raw Stripe IDs, event IDs, metadata JSON, R2 keys, and signed URLs are excluded
Inspect the seeded monthly membership price and access-rule mapping, Confirm active/trialing Stripe Billing subscription state can activate checkout-linked membership access, Confirm canceled, unpaid, incomplete_expired, or deleted subscription state pauses membership access, Confirm buyer identity, raw subscription/customer IDs, webhook IDs, metadata JSON, member posts, private files, Customer Portal URLs, and progress rows are excluded
Create a short-lived download token for an active checkout-linked file entitlement, Confirm private R2-backed fixture delivery does not expose private R2 keys or signed object URLs, Inspect token expiry, one-use replay rejection, entitlement scope, and current checkout-state revalidation
Create a short-lived Bumpgrade download token for a published D1 funnel resource block only when the checkout intent and entitlement match the linked product and file asset, Discover the owner-session agent route for the same scoped token when a verified owner wants agent-created delivery after exact confirmation and published-revision checks, Confirm private R2-backed delivery stays behind Bumpgrade download routes without exposing R2 keys, signed object URLs, buyer data, or raw entitlement rows, Read redacted receipt evidence after successful private download redemption without raw buyer, checkout, entitlement, token, R2, or signed URL data, Distinguish funnel-scoped token minting from arbitrary uploaded asset delivery, live fulfillment automation, live billing, provider-hosted media, or unauthenticated agent writes
Read a seeded protected course/member fixture only with a known checkout intent and matching active entitlement, Confirm protected fixture delivery rechecks product/template scope and current paid/completed checkout state, Confirm buyer identity, raw Stripe IDs, webhook IDs, metadata JSON, R2 keys, signed URLs, arbitrary uploaded content, and progress rows are excluded
Inspect the public test checkout confirmation contract, Create synthetic paid test checkout/access evidence only through a known test checkout link, Use exact confirmation, idempotency, and current link revision checks before creating test access evidence, Confirm responses and source-data omit buyer email, buyer hashes, raw Stripe IDs, and idempotency keys
Read seeded opt-in form, Inspect tags and segments, Inspect consent-backed capture boundary, Inspect aggregate unsubscribe-paused sequence enrollment evidence without contact identity, Inspect aggregate sequence delivery readiness without body templates, unsubscribe URLs, recipient payloads, queue payloads, provider sends, or provider message IDs, Inspect public-safe dry-run sequence schedule intent counts without actor email, recipient payloads, personalized bodies, unsubscribe URLs, queue payloads, provider sends, or provider message IDs, Inspect public-safe dry-run sequence delivery-batch, queue-message, dispatch preflight, and dispatch-attempt counts without actor email, delivery queue payloads, queue payload bodies, recipient payloads, personalized bodies, unsubscribe URLs, provider sends, provider responses, or provider message IDs, Inspect public-safe sequence Queue producer readiness without enabling Queue producers, Queue messages, queue payload bodies, recipient payloads, provider sends, provider responses, or provider message IDs, Inspect public-safe sequence Queue consumer readiness without enabling Queue consumers, consuming or acking Queue messages, creating retry/dead-letter rows, reading queue payload bodies, recipient payloads, provider sends, provider responses, or provider message IDs, Inspect public-safe sequence provider-call readiness without making provider calls, sending messages, creating delivery attempts, delivery results, webhooks, receipts, provider responses, or provider message IDs, Inspect public-safe sequence delivery-attempt readiness without creating delivery attempts, delivery results, webhooks, receipts, provider responses, provider message IDs, recipient payloads, personalized bodies, or unsubscribe URLs, Inspect public-safe sequence delivery-result readiness without creating delivery results, webhooks, receipts, provider responses, provider message IDs, delivery attempts, recipient payloads, personalized bodies, or unsubscribe URLs, Inspect public-safe sequence delivery-status webhook readiness without processing status webhooks, reading webhook payloads, polling providers, creating receipts, provider responses, provider message IDs, delivery attempts, delivery results, recipient payloads, personalized bodies, or unsubscribe URLs, Inspect public-safe sequence provider-polling readiness without polling providers, reading polling payloads, creating polling results, receipt payloads, receipts, provider responses, provider message IDs, delivery attempts, delivery results, recipient payloads, personalized bodies, or unsubscribe URLs, Inspect public-safe sequence receipt-payload readiness without polling providers, reading webhook or polling payloads, creating polling results, receipt payloads, delivery receipts, provider responses, provider message IDs, delivery attempts, delivery results, recipient payloads, personalized bodies, or unsubscribe URLs, Inspect aggregate owner-subscriber, suppression, and timeline counts with redaction flags, Inspect suppression-aware broadcast readiness without recipient exposure, Inspect public-safe dry-run broadcast schedule intent counts without actor email or recipient payloads, Inspect broadcast preview and unsubscribe-footer safety without personalized body or recipient exposure, Inspect delivery queue readiness without recipient payloads, queue rows, or provider sends, Inspect delivery-batch dry runs without recipient payloads, queue messages, or provider sends, Inspect delivery queue message dry runs without Cloudflare Queue dispatch, recipient payloads, or provider sends, Inspect dispatch preflight dry runs without Cloudflare Queue dispatch, recipient payloads, or provider sends, Inspect dispatch attempt receipts without Cloudflare Queue producers, queue payload bodies, provider responses, or provider sends, Inspect owner-only broadcast and sequence test-send evidence without raw recipient email, subscriber payloads, Queue messages, public agent sends, or provider message IDs, Inspect sender-domain readiness without private DNS credentials, raw DNS records, provider secrets, or provider sends, Inspect provider-event readiness without provider secrets, raw provider payloads, provider responses, or provider message IDs, Inspect provider rate-limit readiness without provider secrets, provider limit secrets, raw provider payloads, provider responses, or provider message IDs, Inspect provider response readiness without provider secrets, raw response bodies, provider responses, or provider message IDs, Inspect send-payload readiness without recipient payloads, personalized bodies, raw payload bodies, queue producers, or provider sends, Inspect Queue producer readiness without Queue messages, queue payload bodies, recipient payloads, or provider sends, Inspect Queue consumer readiness without Queue message consumption, acks, retry/dead-letter rows, queue payload body reads, recipient payloads, or provider sends, Inspect owner-confirmed import intents without raw contact rows, raw emails, actor emails, private notes, sequence enrollments, or sends, Inspect owner-confirmed import preflights without raw contact rows, raw emails, subscriber writes, exports, actor emails, private notes, sequence enrollments, or sends, Inspect aggregate audience export readiness without raw emails, subscriber IDs, export files, or export URLs, Inspect the public-safe unsubscribe/suppression write boundary, Inspect the owner-only CRM timeline note boundary, Inspect sequence and automation boundaries
Inspect the unsubscribe/suppression confirmation contract, Record a public-safe unsubscribe preference only for the submitted email, Confirm responses do not reveal whether the email was already subscribed, Confirm sequence enrollment pause state is exposed only through aggregate source-data or owner views, Use idempotency before replaying a preference write
Read seeded event taxonomy, Inspect aggregate event counts, Inspect aggregate variant event counts, Inspect aggregate source attribution counts, Inspect aggregate assignment counts, Inspect aggregate funnel conversion report rows, Inspect aggregate report export sections without raw analytics downloads, Inspect fixture cohort comparison definitions with sample-size caveats, Inspect owner-reviewed cohort comparison evidence without winner or revenue claims, Inspect owner-reviewed alert threshold and anomaly-review evidence without automated alerts or traffic routing, Inspect owner-reviewed notification delivery readiness without sending alerts or writing inbox rows, Inspect owner-confirmed notification inbox records without recipients, email bodies, queue dispatch, or email sends, Inspect owner-confirmed notification dispatch preflights without recipients, email bodies, provider message IDs, queue payloads, queue dispatch, or email sends, Inspect owner-reviewed notification provider/domain readiness without provider configuration, provider secrets, sender credentials, private DNS credentials, provider sends, or verified-domain claims, Inspect owner-reviewed notification content/consent readiness without body templates, unsubscribe URLs, recipients, email bodies, provider message IDs, queue payloads, provider sends, queue dispatch, or email sends, Inspect owner-reviewed notification send-payload readiness without recipient payloads, personalized bodies, raw payload bodies, queue messages, provider responses, provider sends, queue dispatch, or email sends, Inspect owner-reviewed notification queue-producer readiness without Queue producer execution, queue messages, queue payload bodies, provider responses, provider sends, queue dispatch, or email sends, Inspect owner-reviewed notification queue-consumer readiness without Queue consumer execution, message consumption, message acknowledgement, retry/dead-letter rows, queue payload body reads, provider responses, provider sends, queue dispatch, or email sends, Inspect owner-reviewed notification provider-call readiness without provider sends, provider calls, provider responses, provider configuration, provider secrets, sender credentials, private DNS credentials, Queue consumer execution, queue payload body reads, queue dispatch, or email sends, Inspect owner-reviewed notification delivery-attempt readiness without provider sends, delivery attempts, provider responses, provider configuration, provider secrets, sender credentials, private DNS credentials, queue dispatch, or email sends, Inspect owner-reviewed notification delivery-result readiness without delivery results, delivery receipts, status webhooks, provider polling, provider responses, provider message IDs, provider secrets, sender credentials, private DNS credentials, queue dispatch, or email sends, Inspect owner-reviewed notification delivery-status-webhook readiness without delivery status webhooks, delivery receipts, receipt payloads, status webhook payloads, provider polling, provider responses, provider message IDs, provider secrets, sender credentials, private DNS credentials, queue dispatch, or email sends, Inspect owner-reviewed notification provider-polling readiness without provider polling execution, delivery receipts, receipt payloads, status webhook payloads, provider responses, provider message IDs, provider secrets, sender credentials, private DNS credentials, queue dispatch, or email sends, Inspect owner-reviewed notification receipt-payload readiness without receipt payload capture, delivery receipts, status webhook payloads, provider polling execution, provider responses, provider message IDs, provider secrets, sender credentials, private DNS credentials, queue dispatch, or email sends, Inspect owner-reviewed notification delivery-receipt readiness without delivery receipt creation, receipt payload capture, status webhook payloads, provider polling execution, provider responses, provider message IDs, provider secrets, sender credentials, private DNS credentials, queue dispatch, or email sends, Inspect owner-reviewed notification provider-status reconciliation readiness without provider polling execution, delivery receipt processing, receipt payload ingestion, provider status reconciliation execution, provider responses, provider message IDs, provider secrets, sender credentials, private DNS credentials, queue dispatch, or email sends, Inspect dashboard-visible source attribution rows, Inspect fixed time-window metadata and aggregate source/conversion rows, Inspect metric formulas, Inspect seeded event capture boundary, Inspect browser-side page-view beacon boundary, Inspect seeded experiment assignment boundary, Inspect public-safe custom routing rules, seeded sandbox funnel copy routing, and baseline holdout metadata, Inspect owner-confirmed winner rollout and rollback evidence without raw event rows or raw assignment rows, Inspect experiment assignment boundaries, Inspect owner-confirmed experiment decision evidence without raw event rows or raw assignment rows
Read seeded affiliate program, Inspect referral links and attribution rules, Inspect aggregate referral click counts, Inspect aggregate checkout attribution counts, Inspect aggregate review-only commission ledger counts, Inspect aggregate owner review and reversal action counts, Inspect public-safe partner performance reports, Inspect public-safe partner portal status pages without private partner auth, buyer data, payout accounts, tax forms, Stripe payout IDs, provider secrets, message bodies, queue rows, raw rows, or direct public agent writes, Inspect public-safe partner statement snapshots without payable statements, buyer data, payout accounts, tax forms, Stripe payout IDs, provider secrets, message bodies, queue rows, raw rows, or direct public agent writes, Inspect read-only payout preparation checklists, Inspect owner-confirmed payout preparation records without payout accounts, tax data, Stripe payout IDs, partner notification bodies, buyer data, raw ledger rows, or raw actor fields, Inspect owner-reviewed fraud review records without private fraud signals, buyer data, raw ledger/click/checkout rows, actor identity, payout accounts, tax data, Stripe payout IDs, or partner notification bodies, Inspect owner-confirmed fraud enforcement records without private fraud signals, buyer data, raw ledger/click/checkout rows, actor identity, payout accounts, tax data, Stripe payout IDs, payable commission state, or partner notification bodies, Inspect owner-reviewed partner notification readiness records without recipient emails, message bodies, provider message IDs, queue rows, buyer data, raw rows, private fraud signals, payout accounts, tax data, Stripe IDs, or partner sends, Inspect owner-reviewed partner notification send preflight records without recipient emails, message bodies, send payloads, provider message IDs, queue rows, buyer data, raw rows, private fraud signals, payout accounts, tax data, Stripe IDs, provider-send enablement, or partner sends, Inspect owner-reviewed notification provider readiness records without provider configuration, provider secrets, sender credentials, recipient emails, message bodies, send payloads, provider message IDs, queue rows, buyer data, raw rows, private fraud signals, payout accounts, tax data, Stripe IDs, provider-send enablement, or partner sends, Inspect commission and payout review boundaries
Read iOS and Android scope, Find API dependencies, Understand mobile owner-session requirements, Understand the owner-gated read-only mobile private-row boundary, Understand the low-risk owner-confirmed mobile private-row action boundary, Understand the owner-confirmed Director workstream review boundary, Understand the owner-confirmed commerce health review boundary, Understand the owner-gated audit-only mobile action intent boundary, Understand the Director workstream digest exposed to mobile clients, Understand push-notification provider requirements and disabled send status, Understand store-distribution requirements separately from simulator/emulator proof, Understand mobile confirmed-action write boundaries
Read one public-safe mobile dashboard digest, Inspect live Director workstream, feature, roadmap, admin, commerce, and agent-readiness counts, Inspect redacted Director brief signals and 1-day/7-day change windows without raw attention or work-log bodies, Inspect public-safe private-row counts and labels without owner-only notes or payloads, Inspect redacted private-row workflow action counts without actor, note, idempotency, or stale-token details, Inspect redacted Director review counts without actor, note, idempotency, or stale-token details, Inspect redacted commerce review counts without actor, note, idempotency, or stale-token details, Inspect public-safe push-readiness and distribution-readiness blockers, Find iOS and Android source-data routes without scraping private admin pages
Read iOS app-foundation status, Find simulator smoke command, Find screenshot evidence
Read Android app-foundation status, Find emulator smoke command, Find screenshot evidence
Evidence
Bumpgrade feature status, audience, expected capabilities, issue ownership, and agent contract notes.
Public roadmap item status, blocker notes, next milestones, issue links, and public evidence.
Competitor records, official source URLs, retrieval dates, SEO targets, and caveats.
Public-safe admin roadmap, work-log, user-journey, and owner-attention records.
Director workstream rollups, briefing controls, executive queue lanes, and recent-change digests.
Owner-maintained roadmap records, status counts, issue links, PR links, and evidence links.
Public-safe work-log entries for substantive agent work, shipped features, validations, and surface updates.
Named user journeys, owner/user goals, expected paths, edge cases, and evidence links.
Public-safe owner-attention summaries, blocker flags, due timing, and related issue or PR links.
Redacted commerce architecture, sandbox checkout offer, referral attribution evidence, review-only commission ledger evidence, owner review action boundaries, non-billing post-purchase decision evidence, payment tables, webhook rules, and billing write safety.
Bumpgrade account-plan pricing, logged-out anonymous playground status, signed-in Free Build workspace status, paid go-live gates, setup add-on, and redaction policy.
Browser-scoped logged-out structured playground recovery, save route, save-limit policy, claim route, additive claim merge policy, owner-gated cleanup route, scheduled cleanup trigger, private draft creation, private claim-record creation, cookie and retention boundaries, redaction policy, and paid go-live gates.
Agent doc links, read contracts, evidence routes, MCP plan, and write-safety rules.
Audience segments, resource hub records, pricing principles, planned pricing tracks, issue links, and agent boundaries.
Customer-proof approval policy, approved record counts, public redaction boundary, and the current absence or presence of approved testimonials, logos, metrics, case studies, and endorsements.
Paid publisher tenant setup, Bumpgrade subdomain reservation rules, custom-domain DNS onboarding, D1 table boundaries, cross-subdomain auth configuration, and the no-domain-purchase launch policy.
Seeded funnel, ordered steps, page blocks, reusable funnel templates including webinar/resource page shapes, block-template library records, owner-session template-to-draft capability, owner-session checkout-link capability, owner-session checkout-unlink capability, owner-session resource delivery link capability, public and owner-session agent funnel resource delivery token capability, owner-session webinar event link capability, owner-session archived-draft purge capability, owner-session visual block style capability, owner-session block reorder capability, owner-session cross-step block move capability, public funnel checkout-start capability, aggregate owner product delivery-gate counts, revision ID, preview route, source-data route, published D1 funnel summaries, owner-gated draft capability, D1 table names, and confirmed-write boundary.
Seeded checkout offer stack, primary offer, selectable order bump, optional referral-click attribution evidence, upsell, downsell, non-billing post-purchase decision contract, aggregate decision counts, aggregate owner product delivery-gate counts, checkout route, revision ID, and confirmed-write boundary.
Seeded product catalog, assets, access rules, entitlement templates, payment-plan records, sandbox webhook grant mappings, aggregate owner-entitlement inspection counts, aggregate owner-created product, test checkout, delivery-gate, and test grant counts, customer-safe lookup contract, private R2-backed fixture delivery contract, owner-confirmed private asset upload intent contract, owner-confirmed non-destructive revocation intent contract, protected content readiness, checkout-intent-scoped protected fixture delivery, redaction flags, preview route, revision ID, and confirmed-write boundary.
Seeded audience automation workspace, opt-in form, consent-backed capture API, aggregate subscriber inspection counts, redaction flags, tags, segments, lead magnet, sequence, aggregate sequence delivery readiness, dry-run sequence schedule intent counts, dry-run sequence delivery-batch counts, dry-run sequence queue-message counts, dry-run sequence dispatch preflight counts, dry-run sequence dispatch attempt receipt counts, sequence Queue producer readiness counts, sequence Queue consumer readiness counts, sequence provider-call readiness counts, sequence delivery-attempt readiness counts, sequence delivery-result readiness counts, sequence delivery-status webhook readiness counts, sequence provider-polling readiness counts, sequence receipt-payload readiness counts, broadcast draft, broadcast readiness, dry-run broadcast schedule intent counts, broadcast preview safety, queue readiness, delivery-batch dry runs, queue-message dry runs, dispatch preflight dry runs, dispatch attempt receipts, sender-domain readiness gates, provider-event readiness gates, provider rate-limit readiness gates, provider response readiness gates, send-payload readiness gates, Queue producer readiness gates, Queue consumer readiness gates, provider-call readiness gates, delivery-attempt readiness gates, delivery-result readiness gates, delivery-status webhook readiness gates, provider-polling readiness gates, receipt-payload readiness gates, owner-confirmed import intent evidence, owner-confirmed import preflight evidence, aggregate export readiness evidence, and confirmed-write boundary.
Seeded analytics event taxonomy, event capture API, browser-side page-view beacon boundary, dashboard-visible aggregate source attribution rows, fixed time-window metadata, aggregate event counts, aggregate variant event counts, aggregate source attribution counts, assignment API, aggregate assignment counts, aggregate funnel conversion reports, aggregate report export metadata, owner-reviewed cohort comparison evidence, owner-reviewed alert threshold/anomaly-review evidence, owner-reviewed notification delivery readiness evidence, owner-confirmed notification inbox records, owner-confirmed dispatch preflight evidence, owner-reviewed provider/domain readiness evidence, metric formulas, experiment variants, assignment rule, owner-confirmed experiment decision evidence, and confirmed-write boundary.
Seeded affiliate program, partner records, referral links, public-safe partner reports, public-safe partner portal status pages, public-safe partner statement snapshots, read-only payout preparation, owner-confirmed payout preparation records, owner-reviewed fraud review records, owner-confirmed fraud enforcement records, owner-reviewed partner notification readiness records, owner-reviewed partner notification send preflight records, owner-reviewed notification provider readiness records, referral click capture API, checkout attribution evidence, review-only commission ledger evidence, owner review/reversal actions, aggregate counts, attribution rules, commission rules, ledger fixtures, payout batch, review flags, and confirmed-write boundary.
Mobile jobs-to-be-done, iOS and Android child issues, live dashboard source-data route, API dependencies, stack decision, and write boundaries.
Public-safe mobile dashboard digest with feature counts, roadmap counts, recent work-log metadata, attention counts, commerce table counts, agent-readiness counts, and platform source-data routes.
iOS app-foundation path, generated fixture, simulator target, validation command, smoke command, and screenshot evidence.
Android app-foundation path, generated fixture asset, native package, emulator target, validation command, smoke command, and screenshot evidence.
Baseline
AGENTS.md is adapted with Bumpgrade project constants, project stack, required product surfaces, and Bumpgrade Codex email identity.
docs/working-agreements.md carries the issue/branch/PR, screenshot, validation, work-log, and owner-attention workflow.
docs/agent/* carries admin-surface, agent-ready, screenshot, work-log, and user-journey rules.
docs/keep-working/* carries the repo-tracked goal-runner and status-update skills.
public/llms.txt points agents to current Bumpgrade feature, roadmap, comparison, commerce, admin, and agent-doc routes.
Boundaries
Human admin pages require Better Auth owner sessions. Public-safe source-data routes do not bypass that boundary.
Require confirmation, idempotency, stale-state checks, audit correlation, and redaction for public, destructive, billing-impacting, moderation, source-editing, publishing, or creator-speech writes.
Keep secrets, raw provider IDs, private user data, private inbox bodies, and storage keys out of prompt-visible output.