{"service":"opencmo-mcp-server","protocolStatus":"mcp_ready_contract","remoteMcpEnabled":false,"manifest":"/api/opencmo/mcp/manifest","agentGuide":"/opencmo/agent","authDiscovery":{"protectedResourceMetadata":"/.well-known/oauth-protected-resource/mcp","authorizationServerMetadata":"/.well-known/oauth-authorization-server","resource":"https://opencmo.ai/mcp","bearerMethodsSupported":["header"],"resourceIndicatorsRequired":true},"remoteTransportReadiness":{"specVersion":"2025-11-25","transport":"streamable_http_planned","endpoint":"/mcp","status":"status_only_execution_disabled","jsonRpcVersion":"2.0","schemaDialect":"https://json-schema.org/draft/2020-12/schema","requiredRequestHeaders":[{"name":"Accept","requiredFor":["GET","POST"],"value":"POST accepts application/json and text/event-stream; GET accepts text/event-stream.","status":"required_before_enablement"},{"name":"MCP-Protocol-Version","requiredFor":["GET","POST","DELETE"],"value":"2025-11-25","status":"required_before_enablement"},{"name":"Mcp-Session-Id","requiredFor":["GET","POST","DELETE"],"value":"Server-issued after initialize; required for subsequent session requests.","status":"required_after_initialize"},{"name":"Origin","requiredFor":["GET","POST"],"value":"Must match an allowed OpenCMO origin before remote execution is enabled.","status":"required_before_enablement"},{"name":"Last-Event-ID","requiredFor":["GET"],"value":"Optional SSE resumability cursor after streaming support exists.","status":"optional_resumability"}],"supportedMethods":[{"method":"GET","currentBehavior":"Returns public-safe status JSON; no SSE stream in V1.","futureBehavior":"May open an SSE stream for server-to-client messages after auth exists."},{"method":"POST","currentBehavior":"Returns 501 disabled status in V1.","futureBehavior":"Accepts JSON-RPC 2.0 MCP requests after auth, workspace scope, and audit logs exist."},{"method":"DELETE","currentBehavior":"Not implemented in V1.","futureBehavior":"May terminate authenticated MCP sessions by Mcp-Session-Id."}],"securityRequirements":["origin_validation","authenticated_sessions","workspace_scoped_authorization","rate_limits","command_audit_logs","human_confirmation_gates","tenant_leak_tests"]},"blockedActions":["auto_posting","auto_dm","ad_buying","login_scraping","anti_bot_bypass","unreviewed_external_actions","checkout_or_purchase"],"customerAgentAccess":{"status":"contract_ready_remote_execution_disabled","defaultMode":"public_demo","remoteExecutionEnabled":false,"requiredLaunchGates":["dedicated_supabase_project","invite_auth_verified","workspace_rls_verified","mcp_session_auth","tool_rate_limits","command_audit_logs","human_confirmation_gates","tenant_leak_tests"]},"message":"OpenCMO remote MCP execution is planned after auth, workspace isolation, rate limits, and audit logs. Use the public manifest for the current safe contract."}