Ready contractRoute
resource bumpgrade://features
Expose feature IDs, statuses, issues, evidence, and agent-contract notes.
Backed by/features/source-data
SafetyRead-only; feature status changes still happen through issue/PR/admin workflows.
Agent docs
MCP should wrap the same contracts the web app already exposes.
The first Bumpgrade MCP resources should read feature, roadmap, comparison, commerce, and admin state from public-safe routes. Tool writes stay planned until confirmed-write APIs exist.
Agent manifestStatus
32 ready contracts31 MCP entries remain planned until the write API and MCP server exist.Resources
Read contracts ready for MCP wrapping
Ready contractRoute
resource bumpgrade://roadmap
Expose roadmap lanes, public evidence, blockers, and next milestones.
Backed by/roadmap/source-data
SafetyRead-only until a confirmed roadmap update API exists.
Ready contractRoute
resource bumpgrade://commerce
Expose redacted commerce architecture, sandbox checkout status, referral attribution evidence, and billing write rules.
Backed by/commerce/source-data
SafetyNo live billing, commission write, payout mutation, or destructive action may be performed by this resource.
Ready contractRoute
resource bumpgrade://content-surfaces
Expose personas, resource records, pricing caveats, and content-surface issue evidence.
Backed by/content/source-data
SafetyRead-only; public resource and pricing claims still require source evidence or shipped product proof.
Ready contractRoute
resource bumpgrade://funnels
Expose seeded funnel, published D1 funnels, ordered steps, blocks, reusable templates including webinar/resource page shapes, block templates, owner-gated draft duplication capability, owner-gated archive/unpublish capability, checkout-link capability, public funnel checkout-start capability, revision IDs, owner-gated draft capability, and write-safety boundaries.
Backed by/funnels/source-data
SafetyPublic resource stays read-only; published linked checkout blocks can render the sandbox checkout start surface, and owner-session draft create/seed/template-create/duplicate/update/reorder/checkout-link/archive, webinar/resource template-to-draft, private preview, exact-confirmed publish, and exact-confirmed archive/unpublish exist in admin UI. Direct agent template creation, block editing, direct agent checkout-link, direct agent duplication, direct agent archive/unpublish, live billing, live webinar scheduling, private resource delivery, destructive delete, and direct agent-edit tools require confirmed-write contracts.
Ready contractRoute
resource bumpgrade://checkout-offers
Expose seeded checkout offer stack, primary offer, constrained order bump, optional referral attribution evidence, upsell, downsell, aggregate post-purchase decision evidence, revision IDs, and billing boundaries.
Backed by/offers/source-data
SafetyRead-only for agents; the public UI can start a sandbox checkout only after exact confirmation and can record non-billing follow-up decisions after trusted checkout state, while live billing, offer writes, fulfillment, commission writes, and post-purchase charges require confirmed-write contracts.
Ready contractRoute
resource bumpgrade://product-access
Expose seeded products, assets, access rules, entitlement templates, revision IDs, aggregate owner-entitlement inspection counts, customer-safe checkout intent lookup, short-lived private R2-backed download-token boundaries with redemption revalidation, owner-confirmed private asset upload-intent boundaries, owner-confirmed non-destructive revocation intent boundaries, protected content readiness, and fulfillment boundaries.
Backed by/products/source-data
SafetyRead-mostly for public agents; customer lookup requires a checkout intent reference and redacts buyer/provider/private asset data. Token delivery streams only the seeded fixture through Bumpgrade. Owner-upload intents require owner auth, exact confirmation, idempotency, catalog revision checks, and redaction. Owner revocation intents require owner auth, exact confirmation, idempotency, current entitlement status checks, and redaction, but still do not mutate entitlement state. Protected-content records remain constrained to checkout-scoped fixture delivery; customer delivery of arbitrary uploads, real protected body delivery, subscription access changes, destructive revocation, and fulfillment actions remain unavailable.
Ready contractRoute
resource bumpgrade://audience-automation
Expose seeded opt-in forms, lead magnets, tags, segments, sequences, broadcasts, automation rules, aggregate subscriber inspection counts, aggregate suppression counts, aggregate CRM timeline counts, aggregate sequence delivery readiness from issue #351, broadcast readiness counts, dry-run schedule intent counts, preview/footer safety records, queue readiness records, delivery-batch dry runs, queue-message dry runs, dispatch preflight dry runs, dispatch attempt receipts, sender-domain readiness gates, provider-event readiness gates, provider rate-limit readiness gates, provider response readiness gates, send-payload readiness gates, Queue producer readiness gates, Queue consumer readiness gates, owner-confirmed import intent evidence, owner-confirmed import preflight evidence, aggregate audience export readiness from issue #347, redaction flags, consent boundaries, unsubscribe boundaries, owner-note boundaries, and owner schedule/delivery-batch/queue-message/dispatch-preflight/dispatch-attempt/import-intent/import-preflight boundaries.
Backed by/audience/source-data
SafetySeeded public opt-in capture, public-safe unsubscribe/suppression evidence, owner-gated subscriber inspection, owner-only CRM notes, aggregate sequence delivery readiness, read-only broadcast readiness, preview/footer safety, queue readiness, sender-domain readiness, provider-event readiness, provider rate-limit readiness, provider response readiness, send-payload readiness, Queue producer readiness, Queue consumer readiness, owner-confirmed dry-run schedule intents, owner-confirmed delivery-batch dry runs, owner-confirmed queue-message dry runs, owner-confirmed dispatch preflight dry runs, owner-confirmed dispatch attempt receipts, owner-confirmed import intents, owner-confirmed import preflights, and aggregate export readiness are live; real imports, raw contact row storage, subscriber creation from imports, sequence scheduling, real sends, private DNS/provider setup, provider webhooks, Cloudflare Queue dispatch, Queue producer execution, Queue consumer execution, queue payload bodies, recipient payloads, personalized bodies, body templates, unsubscribe URLs, provider responses, private exports, export files, export URLs, CRM automation, and direct public agent subscriber writes require confirmed-write contracts.
Ready contractRoute
resource bumpgrade://analytics-experiments
Expose seeded event taxonomy, browser-side page-view beacon boundaries, dashboard-visible aggregate source attribution rows, fixed time-window metadata, aggregate event counts, aggregate source attribution counts, aggregate variant event counts, aggregate assignment counts, aggregate conversion report rows, aggregate report export metadata, owner-reviewed cohort comparison evidence, owner-reviewed alert threshold/anomaly-review evidence, owner-reviewed notification delivery readiness evidence, owner-confirmed notification inbox records, owner-confirmed dispatch preflight evidence, owner-reviewed notification delivery-status webhook readiness evidence, owner-reviewed notification provider-polling readiness evidence, owner-reviewed notification receipt-payload readiness evidence, owner-reviewed notification delivery-receipt readiness evidence, owner-reviewed notification provider-status reconciliation readiness evidence, owner-confirmed experiment decision evidence, metric formulas, experiment variants, assignment rules, and sample-size caveats.
Backed by/analytics/source-data
SafetySeeded event capture, browser-side page-view beacons with deterministic variant evidence and normalized source attribution, deterministic assignment, dashboard-visible fixed-window aggregate source rows, aggregate conversion reporting, aggregate report export metadata, owner-reviewed cohort comparison evidence, owner-reviewed alert threshold/anomaly-review evidence, owner-reviewed notification delivery readiness evidence, owner-confirmed notification inbox records, owner-confirmed dispatch preflight evidence, staged notification readiness through provider-status reconciliation evidence, and owner-confirmed decision evidence are live; cookie assignment, raw visitor tracking, raw referrer/query reporting, raw analytics exports, contact analytics, automated alert sends, owner email sends, provider sends, provider calls, delivery attempts, delivery results, delivery status webhooks, status webhooks, provider polling, receipt payload capture, delivery receipt creation, provider status reconciliation, queue dispatch, customer alerts, experiment traffic routing, custom events, automated winners, and public decision writes require confirmed-write contracts.
Ready contractRoute
resource bumpgrade://analytics-report-exports
Expose aggregate analytics report export metadata, fixture cohort comparison definitions, and owner-reviewed cohort comparison evidence from issues #263 and #265.
Backed by/analytics/source-data
SafetyThis resource reads aggregate report sections, selected fixed windows, sample-size caveats, and redaction flags only. It must not expose raw analytics event rows, raw experiment assignment rows, visitor keys, contact analytics, raw referrer URLs, raw query strings, private notes, traffic routing, automated winners, or revenue claims.
Ready contractRoute
resource bumpgrade://analytics-alert-reviews
Expose owner-reviewed alert threshold and anomaly-review evidence from issue #267.
Backed by/analytics/source-data
SafetyThis resource reads aggregate threshold review prompts, selected fixed windows, sample-size caveats, owner review state, and redaction flags only. It must not expose raw analytics rows, visitor keys, contact analytics, raw referrer URLs, raw query strings, private notes, customer alerts, traffic routing, automated winners, or revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-readiness
Expose owner-reviewed analytics notification delivery readiness evidence from issue #269.
Backed by/analytics/source-data
SafetyThis resource reads future owner-notification readiness, channel metadata, dependency IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not send alerts, write inbox rows, expose recipients, expose email bodies, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-inbox-records
Expose owner-confirmed analytics notification inbox record evidence from issue #271.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification inbox record counts, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not expose recipients, expose email bodies, dispatch queues, send email, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-dispatch-preflights
Expose owner-confirmed analytics notification dispatch preflight evidence from issue #284.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification dispatch preflight counts, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not expose recipients, expose email bodies, expose provider message IDs, expose queue payloads, dispatch queues, send email, call providers, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-provider-domain-readiness
Expose owner-reviewed analytics notification provider/domain readiness evidence from issue #286.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification provider/domain readiness counts, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not configure providers, store provider secrets, store sender credentials, expose private DNS credentials, verify sender domains, expose recipients, expose email bodies, expose provider message IDs, expose queue payloads, dispatch queues, send email, call providers, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-content-consent-readiness
Expose owner-reviewed analytics notification content/consent readiness evidence from issue #288.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification content/consent readiness counts, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not expose body templates, expose unsubscribe URLs, expose recipients, expose email bodies, expose provider message IDs, expose queue payloads, dispatch queues, send email, call providers, configure providers, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-send-payload-readiness
Expose owner-reviewed analytics notification send-payload readiness evidence from issue #290.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification send-payload readiness counts, content/consent readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider responses, expose provider message IDs, create queue messages, expose queue payloads, dispatch queues, send email, call providers, configure providers, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-queue-producer-readiness
Expose owner-reviewed analytics notification queue-producer readiness evidence from issue #292.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification queue-producer readiness counts, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable Queue producers, create Queue messages, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider responses, expose provider message IDs, dispatch queues, send email, call providers, configure providers, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-queue-consumer-readiness
Expose owner-reviewed analytics notification queue-consumer readiness evidence from issue #294.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification queue-consumer readiness counts, queue-producer readiness IDs, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider responses, expose provider message IDs, dispatch queues, send email, call providers, configure providers, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-provider-call-readiness
Expose owner-reviewed analytics notification provider-call readiness evidence from issue #297.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification provider-call readiness counts, queue-consumer readiness IDs, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable provider sends or calls, configure providers, create provider responses, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider message IDs, dispatch queues, send email, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-delivery-attempt-readiness
Expose owner-reviewed analytics notification delivery-attempt readiness evidence from issue #299.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification delivery-attempt readiness counts, provider-call readiness IDs, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable provider sends or calls, attempt delivery, configure providers, create provider responses, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider message IDs, dispatch queues, send email, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-delivery-result-readiness
Expose owner-reviewed analytics notification delivery-result readiness evidence from issue #301.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification delivery-result readiness counts, delivery-attempt readiness IDs, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable provider sends or calls, attempt delivery, create delivery results, create delivery receipts, expose receipt payloads, process status webhooks, poll providers, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-delivery-status-webhook-readiness
Expose owner-reviewed analytics notification delivery-status webhook readiness evidence from issue #303.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification delivery-status webhook readiness counts, delivery-result readiness IDs, delivery-attempt readiness IDs, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, create delivery receipts, expose receipt payloads, process status webhooks, poll providers, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-provider-polling-readiness
Expose owner-reviewed analytics notification provider-polling readiness evidence from issue #305.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification provider-polling readiness counts, delivery-status-webhook readiness IDs, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, poll providers, create delivery receipts, expose receipt payloads, process status webhooks, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-receipt-payload-readiness
Expose owner-reviewed analytics notification receipt-payload readiness evidence from issue #307.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification receipt-payload readiness counts, provider-polling readiness IDs, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, poll providers, create delivery receipts, expose receipt payloads, process status webhooks, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-delivery-receipt-readiness
Expose owner-reviewed analytics notification delivery-receipt readiness evidence from issue #309.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification delivery-receipt readiness counts, receipt-payload readiness IDs, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, poll providers, create delivery receipts, expose receipt payloads, process status webhooks, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://analytics-notification-provider-status-reconciliation-readiness
Expose owner-reviewed analytics notification provider-status reconciliation readiness evidence from issue #311.
Backed by/analytics/source-data
SafetyThis resource reads aggregate owner-notification provider-status reconciliation readiness counts, delivery-receipt readiness IDs, send-payload readiness IDs, provider/domain readiness IDs, dispatch preflight IDs, inbox record IDs, readiness IDs, channel IDs, selected fixed windows, sample-size caveats, and redaction flags only. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, poll providers, process delivery receipts, ingest receipt payloads, reconcile provider statuses, expose provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, select winners, or make revenue claims.
Ready contractRoute
resource bumpgrade://affiliate-referrals
Expose seeded affiliate programs, partner records, referral links, public-safe partner reports, read-only payout preparation, owner-confirmed payout preparation records, owner-reviewed fraud review records, owner-reviewed partner notification readiness records, owner-reviewed partner notification send preflight records, owner-reviewed notification provider readiness records, aggregate click counts, checkout attribution evidence, attribution rules, commission fixtures, payout review, and fraud flags.
Backed by/affiliates/source-data
SafetySeeded referral click capture, checkout attribution evidence, review-only commission evidence, owner review actions, public-safe partner reports, read-only payout preparation, owner-confirmed payout preparation records, owner-reviewed fraud review records, owner-reviewed partner notification readiness records, owner-reviewed partner notification send preflight records, and owner-reviewed notification provider readiness records are live; buyer attribution finalization, payable commission writes, fraud enforcement, tax handling, payout account access, partner notification sends, provider-send enablement, provider configuration, provider secret storage, provider calls, send payload creation, queue dispatch, and Stripe payouts require confirmed-write contracts.
Ready contractRoute
resource bumpgrade://publisher-account
Expose paid publisher tenant, Bumpgrade subdomain setup, custom-domain DNS onboarding, and publisher-site auth boundaries from issues #221, #222, #223, and #224.
Backed by/account/source-data
SafetyRead-only MCP resource for setup policy; reserving a subdomain or starting custom-domain onboarding requires authenticated publisher context, active paid-plan entitlement, idempotency, audit correlation, DNS verification state, and redaction. Shared Bumpgrade identity never bypasses tenant-scoped access checks.
Ready contractRoute
resource bumpgrade://mobile-admin
Expose the shared iOS and Android mobile admin plan, jobs, API dependencies, and confirmed-write boundaries.
Backed by/mobile-admin/source-data
SafetyRead-only; mobile writes require a future confirmed-write action API and authenticated actor.
Ready contractRoute
resource bumpgrade://mobile-admin/dashboard
Expose the public-safe mobile dashboard digest that iOS, Android, web, and agents can share.
Backed by/mobile-admin/dashboard/source-data
SafetyRead-only; no private admin rows, write tokens, R2 object keys, signed URLs, or secret values.
Ready contractRoute
resource bumpgrade://mobile-admin/ios
Expose the first iOS app slice, simulator smoke command, fixture path, and screenshot evidence.
Backed by/mobile-admin/ios/source-data
SafetyRead-only; native mobile writes and private account data remain unavailable.
Tools
Planned tools need confirmed-write APIs first.
PlannedIssue #12
tool resolve_public_claim
Resolve a public claim to source IDs, URLs, issues, PRs, and work-log evidence.
Backed by/compare/source-data, /features/source-data, /roadmap/source-data, /admin/work-log/source-data
SafetyMust return caveats when evidence is stale, missing, planned-only, or private.
PlannedIssue #12
tool duplicate_funnel_draft
Duplicate a private draft funnel for an authenticated owner using the same D1 tables and audit model.
Backed by/admin/funnels and /api/admin/funnels/drafts
SafetyRequires owner identity, exact confirmation, idempotency key, current draft revision, audit event, and redaction. Checkout-link metadata must not be copied by default, and the duplicate must remain private until separately published.
PlannedIssue #12
tool archive_funnel_draft
Archive a private draft funnel or unpublish a published D1 draft funnel for an authenticated owner using the same D1 tables and audit model.
Backed by/admin/funnels and /api/admin/funnels/drafts
SafetyRequires owner identity, exact confirmation, idempotency key, current draft revision, audit event, and redaction. Archiving makes the draft read-only, clears the public preview route, and removes the draft from published source-data without deleting draft rows, steps, blocks, checkout links, or audit records.
PlannedIssue #12
tool create_funnel_draft
Create a private draft funnel for an authenticated owner using the same D1 tables and audit model.
Backed by/admin/funnels and /api/admin/funnels/drafts
SafetyRequires owner identity, explicit confirmation, idempotency key, audit event, stale-state check, and redaction before an agent may call it directly.
PlannedIssue #12
tool edit_funnel_step
Edit or reorder a private draft funnel step for an authenticated owner using the same D1 tables and audit model.
Backed by/admin/funnels and /api/admin/funnels/drafts
SafetyRequires owner identity, explicit confirmation for creator-speech edits, idempotency key, audit event, stale-state check, and redaction before an agent may call it directly.
PlannedIssue #12
tool create_product_asset_upload_intent
Create a small private product asset upload record for an authenticated owner on top of the same D1/R2 contract.
Backed by/api/admin/products/assets
SafetyRequires owner identity, exact confirmation, idempotency key, catalog revision check, audit metadata, and redacted output. It must not expose R2 object keys, signed URLs, raw upload bodies, buyer data, or make uploaded assets customer-deliverable.
PlannedIssue #12
tool create_product_revocation_intent
Record a non-destructive product access-removal intent for an authenticated owner on top of the same D1 contract.
Backed by/api/admin/products/revocation-intents
SafetyRequires owner identity, exact confirmation, idempotency key, current entitlement status check, audit metadata, and redacted output. It must not mutate entitlement status, issue refunds, change subscriptions, notify customers, expose private reason text, or enable direct public agent revocation writes.
PlannedIssue #12
tool create_audience_import_intent
Record a non-destructive audience import intent for an authenticated owner on top of the same D1 contract from issue #253.
Backed by/api/admin/audience/import-intents
SafetyRequires owner identity, exact confirmation, idempotency key, workspace revision/status checks, aggregate counts, audit metadata, and redacted output. It must not import contacts, store raw emails or contact rows, create sequence enrollments, send email, expose private notes, or enable direct public agent subscriber writes.
PlannedIssue #12
tool create_audience_import_preflight
Record aggregate audience import preflight evidence for an authenticated owner on top of the same D1 contract from issue #259.
Backed by/api/admin/audience/import-preflights
SafetyRequires owner identity, exact confirmation, idempotency key, workspace revision/status checks, selected import-intent source checks, aggregate count validation, audit metadata, and redacted output. It must not import contacts, create subscribers, store raw emails or contact rows, export private data, create sequence enrollments, send email, expose private notes, or enable direct public agent subscriber writes.
PlannedIssue #12
tool create_analytics_experiment_decision
Record owner-confirmed analytics experiment decision evidence on top of the same D1 contract from issue #261.
Backed by/api/admin/analytics/experiment-decisions
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, experiment status checks, fixed time-window selection, aggregate count validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not route traffic, assign cookies, choose automated winners, expose raw event rows, expose raw assignment rows, expose contact analytics, make revenue claims, or enable direct public agent experiment writes.
PlannedIssue #12
tool create_analytics_notification_inbox_record
Record owner-confirmed analytics notification inbox evidence on top of the same D1 contract from issue #271.
Backed by/api/admin/analytics/notification-inbox-records
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not expose recipients, expose email bodies, dispatch queues, send email, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_dispatch_preflight
Record owner-confirmed analytics notification dispatch preflight evidence on top of the same D1 contract from issue #284.
Backed by/api/admin/analytics/notification-dispatch-preflights
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current inbox record checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not expose recipients, expose email bodies, expose provider message IDs, expose queue payloads, dispatch queues, send email, call providers, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_provider_domain_readiness
Record owner-reviewed analytics notification provider/domain readiness evidence on top of the same D1 contract from issue #286.
Backed by/api/admin/analytics/notification-provider-domain-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current dispatch preflight checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not configure providers, store provider secrets, store sender credentials, verify sender domains, expose private DNS credentials, expose recipients, expose email bodies, expose provider message IDs, expose queue payloads, dispatch queues, send email, call providers, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_content_consent_readiness
Record owner-reviewed analytics notification content/consent readiness evidence on top of the same D1 contract from issue #288.
Backed by/api/admin/analytics/notification-content-consent-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current provider/domain readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not expose body templates, expose unsubscribe URLs, expose recipients, expose email bodies, expose provider message IDs, expose queue payloads, dispatch queues, send email, call providers, configure providers, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_send_payload_readiness
Record owner-reviewed analytics notification send-payload readiness evidence on top of the same D1 contract from issue #290.
Backed by/api/admin/analytics/notification-send-payload-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current content/consent readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider responses, expose provider message IDs, create queue messages, expose queue payloads, dispatch queues, send email, call providers, configure providers, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_queue_producer_readiness
Record owner-reviewed analytics notification queue-producer readiness evidence on top of the same D1 contract from issue #292.
Backed by/api/admin/analytics/notification-queue-producer-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current send-payload readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable Queue producers, create Queue messages, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider responses, expose provider message IDs, dispatch queues, send email, call providers, configure providers, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_queue_consumer_readiness
Record owner-reviewed analytics notification queue-consumer readiness evidence on top of the same D1 contract from issue #294.
Backed by/api/admin/analytics/notification-queue-consumer-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current queue-producer readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider responses, expose provider message IDs, dispatch queues, send email, call providers, configure providers, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_provider_call_readiness
Record owner-reviewed analytics notification provider-call readiness evidence on top of the same D1 contract from issue #297.
Backed by/api/admin/analytics/notification-provider-call-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current queue-consumer readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable provider sends or calls, configure providers, create provider responses, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider message IDs, dispatch queues, send email, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_delivery_attempt_readiness
Record owner-reviewed analytics notification delivery-attempt readiness evidence on top of the same D1 contract from issue #299.
Backed by/api/admin/analytics/notification-delivery-attempt-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current provider-call readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable provider sends or calls, attempt delivery, configure providers, create provider responses, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, expose provider message IDs, dispatch queues, send email, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_delivery_result_readiness
Record owner-reviewed analytics notification delivery-result readiness evidence on top of the same D1 contract from issue #301.
Backed by/api/admin/analytics/notification-delivery-result-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current delivery-attempt readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable provider sends or calls, attempt delivery, create delivery results, create delivery receipts, expose receipt payloads, process status webhooks, poll providers, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_delivery_status_webhook_readiness
Record owner-reviewed analytics notification delivery-status webhook readiness evidence on top of the same D1 contract from issue #303.
Backed by/api/admin/analytics/notification-delivery-status-webhook-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current delivery-result readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, create delivery receipts, expose receipt payloads, process status webhooks, poll providers, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_provider_polling_readiness
Record owner-reviewed analytics notification provider-polling readiness evidence on top of the same D1 contract from issue #305.
Backed by/api/admin/analytics/notification-provider-polling-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current delivery-status-webhook readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, poll providers, create delivery receipts, expose receipt payloads, process status webhooks, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_receipt_payload_readiness
Record owner-reviewed analytics notification receipt-payload readiness evidence on top of the same D1 contract from issue #307.
Backed by/api/admin/analytics/notification-receipt-payload-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current provider-polling readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, poll providers, create delivery receipts, expose receipt payloads, process status webhooks, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_delivery_receipt_readiness
Record owner-reviewed analytics notification delivery-receipt readiness evidence on top of the same D1 contract from issue #309.
Backed by/api/admin/analytics/notification-delivery-receipt-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current receipt-payload readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, poll providers, create delivery receipts, expose receipt payloads, process status webhooks, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_analytics_notification_provider_status_reconciliation_readiness
Record owner-reviewed analytics notification provider-status reconciliation readiness evidence on top of the same D1 contract from issue #311.
Backed by/api/admin/analytics/notification-provider-status-reconciliation-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, dashboard revision checks, notification readiness checks, current delivery-receipt readiness checks, fixed time-window evidence validation, sample-size caveat acknowledgement, audit metadata, and redacted output. It must not enable provider sends or calls, attempt delivery, create delivery results, process delivery-status webhooks, poll providers, process delivery receipts, ingest receipt payloads, reconcile provider statuses, configure providers, create provider responses, expose provider message IDs, store provider secrets, store sender credentials, expose private DNS credentials, enable Queue producers, enable Queue consumers, create Queue messages, consume Queue messages, acknowledge Queue messages, create retry/dead-letter rows, read Queue payload bodies, create Queue payload bodies, expose queue payloads, expose recipients, create recipient payloads, create personalized bodies, store raw payload bodies, expose email bodies, expose body templates, expose unsubscribe URLs, dispatch queues, send email, alert customers, route traffic, choose automated winners, expose raw analytics rows, make revenue claims, or enable direct public agent writes.
PlannedIssue #12
tool create_affiliate_payout_preparation_record
Record owner-confirmed affiliate payout preparation evidence on top of the same D1 contract from issue #273.
Backed by/api/admin/affiliates/payout-preparation-records
SafetyRequires owner identity, exact confirmation, idempotency key, program revision checks, payout batch status checks, payout-preparation evidence validation, audit metadata, and redacted output. It must not create payable commission state, create Stripe payouts or transfers, store payout accounts, collect tax data, notify partners, enforce fraud decisions, expose buyer data, expose raw ledger rows, or enable direct public agent writes.
PlannedIssue #12
tool create_affiliate_fraud_review_record
Record owner-reviewed affiliate fraud review evidence on top of the same D1 contract from issue #275.
Backed by/api/admin/affiliates/fraud-review-records
SafetyRequires owner identity, exact confirmation, idempotency key, program revision checks, payout batch status checks, review-flag checks, linked-ledger count validation, audit metadata, and redacted output. It must not enforce fraud decisions, create payable commission state, create Stripe payouts or transfers, store payout accounts, collect tax data, notify partners, expose buyer data, expose raw ledger/click/checkout rows, expose private fraud signals, or enable direct public agent writes.
PlannedIssue #12
tool create_affiliate_partner_notification_readiness_record
Record owner-reviewed affiliate partner notification readiness evidence on top of the same D1 contract from issue #277.
Backed by/api/admin/affiliates/notification-readiness-records
SafetyRequires owner identity, exact confirmation, idempotency key, program revision checks, partner report checks, payout batch status checks, payout preparation record status checks, fraud review record status checks, review-flag checks, linked-ledger count validation, audit metadata, and redacted output. It must not send partner notifications, call providers, create queue rows, expose recipient emails, expose message bodies, expose provider message IDs, enforce fraud decisions, create payable commission state, create Stripe payouts or transfers, store payout accounts, collect tax data, expose buyer data, expose raw ledger/click/checkout rows, expose private fraud signals, or enable direct public agent writes.
PlannedIssue #12
tool create_affiliate_partner_notification_send_preflight_record
Record owner-reviewed affiliate partner notification send preflight evidence on top of the same D1 contract from issue #279.
Backed by/api/admin/affiliates/notification-send-preflights
SafetyRequires owner identity, exact confirmation, idempotency key, program revision checks, partner report checks, payout batch status checks, payout preparation record status checks, fraud review record status checks, notification readiness record status checks, review-flag checks, linked-ledger count validation, provider-send-disabled checks, audit metadata, and redacted output. It must not send partner notifications, enable provider sends, call providers, create send payloads, create queue rows, expose recipient emails, expose message bodies, expose provider message IDs, enforce fraud decisions, create payable commission state, create Stripe payouts or transfers, store payout accounts, collect tax data, expose buyer data, expose raw ledger/click/checkout rows, expose private fraud signals, or enable direct public agent writes.
PlannedIssue #12
tool create_affiliate_partner_notification_provider_readiness_record
Record owner-reviewed affiliate partner notification provider readiness evidence on top of the same D1 contract from issue #281.
Backed by/api/admin/affiliates/notification-provider-readiness
SafetyRequires owner identity, exact confirmation, idempotency key, program revision checks, partner report checks, payout batch status checks, payout preparation record status checks, fraud review record status checks, notification readiness record status checks, send preflight record status checks, review-flag checks, linked-ledger count validation, provider-configuration-disabled checks, provider-secret-redaction checks, sender-credential-redaction checks, provider-send-disabled checks, audit metadata, and redacted output. It must not configure notification providers, store provider secrets, store sender credentials, send partner notifications, enable provider sends, call providers, create send payloads, create queue rows, expose recipient emails, expose message bodies, expose provider message IDs, enforce fraud decisions, create payable commission state, create Stripe payouts or transfers, store payout accounts, collect tax data, expose buyer data, expose raw ledger/click/checkout rows, expose private fraud signals, or enable direct public agent writes.
PlannedIssue #12
tool propose_admin_update
Create proposed feature, roadmap, journey, or work-log updates for owner review.
Backed by/admin/source-data and future confirmed-write APIs
SafetyRequires actor identity, confirmation text, idempotency key, stale-state check, and audit correlation before writing.
API base
HTTP routes stay canonical before MCP exists.
Feature catalog: /features/source-data
Public roadmap: /roadmap/source-data
Competitor comparisons and source evidence: /compare/source-data
Commerce contract: /commerce/source-data
Admin source-data bundle: /admin/source-data
Agent manifest: /agent-docs/source-data
Write safety
MCP tools cannot skip product permissions.
Confirmation
Require confirmation, idempotency, stale-state checks, audit correlation, and redaction for public, destructive, billing-impacting, moderation, source-editing, publishing, or creator-speech writes.
Audit correlation
Confirmed writes need idempotency keys, stale-state checks, before/after summaries, and redacted output.
Source grounding
Tools must cite source IDs, issue/PR evidence, source URLs, and retrieved dates when changing public claims.