{ "name": "Posview MCP Server", "version": "2026-06-07", "instructions": "Use Posview to read an authenticated workspace's social posting plan, create draft-only content, update explicitly requested unapproved drafts with reversible history, move unapproved drafts to reversible trash, or create proposals and confirmation requests for human review. For multiple creations, updates, cleanup actions, proposals, or confirmation requests in one request, use the matching batch tool and pass every selected item in one call. Direct publishing, approval, scheduling execution, permanent deletion, approved/posted-content mutation or deletion, billing changes, member management, and provider posting/deletion are not available through this MCP server. Do not request or pass full chat transcripts, raw location, OAuth tokens, API keys, MFA/OTP codes, preview passcodes, provider secrets, billing details, or personal data. Write-capable tools create Posview draft/proposal/confirmation records, update unapproved draft fields with before/after history, or move unapproved drafts to trash, and are not safe to retry automatically; ask the user before repeating them. Use returned support and recovery hints when OAuth, scope, plan, or runtime availability blocks a request.", "appProfile": { "version": "2026-06-07", "name": "Posview", "publicPageTitle": "Posview official app AI connection guide", "connectorDescription": "Plan, preview, draft, and request human-reviewed changes for social media posts in Posview workspaces.", "directoryShortDescription": "Plan, preview, draft, and request human-reviewed social post changes in Posview workspaces.", "valueProposition": "Safely connect ChatGPT / OpenAI Apps to a Posview workspace so AI can read social post context, create drafts, store proposals, and create confirmation requests without bypassing approval, scheduling, or publishing gates.", "targetUsers": [ "social media operators", "agency teams", "brand managers", "in-house marketing teams" ], "primaryUseCases": [ "Read workspace context and posting constraints.", "Search posts and read preview-safe post details.", "Create new draft posts.", "Directly update explicitly selected unapproved draft content or draft schedule candidates.", "Move explicitly selected unapproved drafts to the reversible trash.", "Store caption or schedule proposals for existing posts.", "Create confirmation requests that a Posview user approves or rejects." ], "initialSubmissionProfile": "json_mcp_tools_only", "initialSubmissionSummary": "The initial public submission uses OAuth-enabled MCP JSON tools only; no ChatGPT Apps SDK iframe component is enabled.", "requestedOAuthScopes": [ "agent:read", "agent:draft", "agent:schedule:prepare", "agent:confirm:create" ], "humanReviewBoundary": "AI creates drafts, directly updates explicitly selected unapproved drafts, creates proposals and pending confirmation requests, and can move unapproved drafts to reversible trash. Approval, scheduling execution, publishing, permanent deletion, posted/approved content changes or deletion, billing changes, and member removal require Posview permissions and human confirmation.", "unsupportedDirectActions": [ "approve posts", "schedule posts", "publish posts", "permanently delete posts", "delete posted or approved posts", "delete workspaces", "change billing", "remove members" ] }, "endpoint": "/api/mcp", "transport": "streamable_http", "authentication": "Authorization: Bearer ", "oauth": { "protected_resource_metadata": "/.well-known/oauth-protected-resource", "authorization_server_metadata": "/.well-known/oauth-authorization-server", "authorization_endpoint": "/oauth/authorize", "token_endpoint": "/oauth/token", "registration_endpoint": "/oauth/register", "token_endpoint_auth_method": "none", "code_challenge_method": "S256" }, "safety": { "directPublishing": false, "requiresHumanConfirmation": true, "exposesOAuthTokens": false, "exposesBillingDetails": false }, "dataHandling": { "version": "2026-06-07", "workspaceScoped": true, "leastPrivilegeScopes": true, "storesPlaintextTokens": false, "storesRefreshTokenHashes": true, "sendsToAiClient": [ "workspace context", "post metadata", "post captions and scheduled times", "preview-safe post details", "draft/proposal/confirmation request results" ], "neverSendsToAiClient": [ "SNS OAuth tokens", "Agent API keys", "preview passcodes", "Stripe billing secrets", "other workspaces" ], "responseFieldDenylist": [ "accessToken", "refreshToken", "tokenHash", "apiKey", "secret", "password", "mfaSecret", "totpSecret", "passcode", "previewPasscode", "billingAccountId", "stripeCustomerId", "stripeSubscriptionId", "paymentMethodId", "cardNumber", "cvv", "ssn", "taxId", "medicalRecord" ], "minimizationRules": [ "Return only the workspace, post, platform, preview-safe, draft, proposal, and confirmation fields needed for the requested action.", "Do not return credentials, OAuth tokens, API keys, preview passcodes, payment identifiers, MFA secrets, or unrelated workspace data.", "Use stable post/workspace identifiers only when the AI client needs them for the next authorized Agent API or MCP call." ], "logRetention": { "promptResponseTranscriptsVisibleToServiceAdmins": false, "retainedRecords": [ "OAuth grant status", "refresh token hashes", "connected editor attribution", "OAuth client attribution", "Agent API/MCP operation metadata", "post history and audit summaries for write-side actions" ], "summary": "External Agent API and MCP tool prompt/response transcripts are not exposed to service admins as raw transcript logs. Posview retains the minimal connection, token hash, attribution, operation, post history, and audit records needed for revoke, security, usage, and workspace audit flows." }, "retentionDeletion": { "summary": "AI connector data retention is scoped to the minimum records needed for revoke, security, usage, and workspace audit flows. Posview does not keep a separate AI-owned copy of workspace content; post, draft, proposal, and confirmation data remain governed by the normal workspace, post, account deletion, and legal retention processes.", "items": [ { "id": "tool_payloads_and_raw_transcripts", "dataCategory": "Raw AI prompt/response transcripts and transient tool payloads", "retainedRecords": [ "No Service Admin raw prompt/response transcript view for external Agent API / MCP tool activity", "No repository-stored ChatGPT screenshot or transcript evidence" ], "retentionPurpose": "Avoid retaining more prompt or response content than the current authorized request and external review evidence process require.", "deletionTrigger": "Normal request completion, approved evidence cleanup, or legal/support review of externally stored evidence.", "deletionBehavior": "Do not treat raw AI transcripts as a retained Posview admin log. External review evidence is kept outside the repository and removed or redacted through the approved evidence process.", "publicPolicySurface": "/en/privacy, /jp/privacy, /en/apps/ai-agents, /jp/apps/ai-agents, /llms.txt", "reviewerChecks": [ "Confirm public pages say raw external Agent API / MCP prompt-response transcripts are not exposed as Service Admin raw log views.", "Confirm generated review packets contain placeholders and policy text only, not screenshots or raw transcript dumps." ] }, { "id": "oauth_grants_and_refresh_hashes", "dataCategory": "AI OAuth grants, grant status, and refresh token hashes", "retainedRecords": [ "OAuth grant status", "refresh token hashes", "connected editor attribution", "OAuth client attribution" ], "retentionPurpose": "Support reconnect, revoke, stale-token rejection, scope enforcement, security investigation, and workspace audit trails without storing plaintext tokens.", "deletionTrigger": "Connected AI Apps revoke, token expiry or rotation, account deletion request, workspace closure, or security/legal retention review.", "deletionBehavior": "Deactivate or revoke the grant, invalidate token hashes, reject stale access, and retain only token-free audit summaries when needed for security or legal obligations.", "publicPolicySurface": "/ai-connector.json data_handling, /mcp-tools.json dataHandling, /openapi.json x-posview-data-handling", "reviewerChecks": [ "Confirm the revoke-and-stale-token recovery flow rejects old access tokens.", "Confirm dataHandling storesPlaintextTokens is false and storesRefreshTokenHashes is true." ] }, { "id": "operation_metadata_audit", "dataCategory": "Agent API / MCP operation metadata and audit summaries", "retainedRecords": [ "tool name or action id", "timestamp and status", "workspace and actor attribution", "post history and audit summaries for write-side actions" ], "retentionPurpose": "Provide security, usage, support, and workspace auditability while avoiding raw prompt text and restricted credential fields.", "deletionTrigger": "Account deletion request, workspace closure, support/legal retention review, or end of the operational need for the audit record.", "deletionBehavior": "Delete or anonymize records that are no longer needed, while preserving legally required, security-critical, or aggregated audit records without credential material.", "publicPolicySurface": "/en/privacy, /jp/privacy, /llms.txt, /openapi.json x-posview-data-handling", "reviewerChecks": [ "Confirm Response Data Inventory excludes restricted credentials and billing identifiers.", "Confirm operation metadata is described as minimal audit data rather than raw transcript logging." ] }, { "id": "workspace_content_drafts_proposals_confirmations", "dataCategory": "Workspace posts, drafts, proposals, and confirmation requests", "retainedRecords": [ "canonical workspace posts", "draft posts created by authorized AI calls", "pending proposals", "pending confirmation requests" ], "retentionPurpose": "Keep Posview as the canonical workspace source of truth while ensuring AI-created items remain drafts, proposals, or pending human confirmation.", "deletionTrigger": "Post deletion, proposal cleanup, confirmation resolution, workspace closure, account deletion request, or normal workspace data lifecycle.", "deletionBehavior": "Use the normal Posview workspace/post deletion and anonymization flows. The AI connector does not keep a separate workspace-content copy outside those records.", "publicPolicySurface": "/en/privacy, /jp/privacy, /en/terms, /jp/terms, /en/apps/ai-agents, /jp/apps/ai-agents", "reviewerChecks": [ "Confirm draft/proposal/confirmation tools do not directly approve, schedule, publish, or delete posts.", "Confirm the review packet maps these records to human confirmation and workspace deletion processes." ] }, { "id": "reviewer_credentials_external_evidence", "dataCategory": "OpenAI review credentials and ChatGPT screenshot evidence", "retainedRecords": [ "no review account credentials in generated packets", "no OAuth tokens, OTP codes, preview passcodes, or SNS provider tokens in repository evidence", "external screenshots or notes only in the approved evidence location" ], "retentionPurpose": "Let OpenAI reviewers reproduce the connector safely without committing secrets or private review workspace data.", "deletionTrigger": "Post-review credential rotation, evidence retention review, reviewer account cleanup, or failed credential-safety preflight.", "deletionBehavior": "Keep credentials in the approved secure channel only, rotate or revoke review access after review, and redact or remove external screenshots according to the approved evidence process.", "publicPolicySurface": "docs/ai-app-submission-review-packet.md, docs/ai-app-submission-evidence.md, todo.md manual evidence markers", "reviewerChecks": [ "Confirm static preflight rejects credential-like material in generated and handoff docs.", "Confirm Screenshot Evidence Matrix redaction rules are followed before storing external review evidence." ] } ] }, "retentionSummary": "External Agent API and MCP tool prompt/response transcripts are not exposed to service admins as raw transcript logs. Posview retains the minimal connection, token hash, attribution, operation, post history, and audit records needed for revoke, security, usage, and workspace audit flows." }, "runtimeAvailability": { "version": "2026-06-07", "summary": "AI OAuth and Agent API access is rechecked on every token exchange and runtime request. Posview blocks AI access for Free workspaces, global or workspace emergency mode, closed workspaces, inactive grants or memberships, unavailable connected editors, and insufficient OAuth scopes.", "allowedPlans": [ "pro", "agency" ], "checkedOn": [ "OAuth authorization code exchange", "OAuth refresh token rotation", "Agent API bearer authentication", "MCP bearer authentication", "MCP runtime tool calls" ], "blocks": [ { "code": "oauth_plan_required", "condition": "The workspace effective plan is Free.", "recovery": "Move the workspace to Pro or Agency, then reconnect or retry the AI app." }, { "code": "emergency_mode", "condition": "Global or workspace emergency mode is active.", "recovery": "Resolve emergency mode in Posview before retrying the AI operation." }, { "code": "workspace_closed", "condition": "The workspace is closed or scheduled for deletion.", "recovery": "Use an active workspace or reopen the workspace before connecting AI clients." }, { "code": "oauth_grant_inactive", "condition": "The OAuth grant, OAuth client, workspace membership, or connected editor is no longer active.", "recovery": "Reconnect Posview from the AI client and confirm the workspace membership is active." }, { "code": "insufficient_scope", "condition": "The OAuth access token is missing the scope required by a tool.", "recovery": "Re-authorize Posview with the required scope, then retry the same operation." } ] }, "appsSdkComponentSecurity": { "version": "2026-06-07", "status": "planned", "componentUiEnabled": false, "submissionProfile": "json_tools_only", "componentOrigin": "https://posview.app", "uiMeta": { "ui": { "domain": "https://posview.app", "csp": { "connectDomains": [ "https://posview.app" ], "resourceDomains": [ "https://posview.app" ], "frameDomains": [] } }, "openai/widgetCSP": { "connect_domains": [ "https://posview.app" ], "resource_domains": [ "https://posview.app" ], "frame_domains": [], "redirect_domains": [ "https://posview.app" ] }, "openai/widgetDomain": "https://posview.app" }, "notes": [ "Initial ChatGPT App submission uses JSON MCP tools only; no Apps SDK iframe component is registered.", "When a component UI is enabled, use this exact-origin allowlist for _meta.ui.csp and keep openai/widgetCSP.redirect_domains for ChatGPT openExternal targets.", "Subframes are not allowed by default; add frameDomains only after a separate component security review." ] }, "tools": [ { "name": "posview_get_workspace_context", "title": "Get Workspace Context", "description": "Use this when ChatGPT needs plan, AI availability, connected platforms, and publishing constraints for the authenticated Posview workspace. Do not use to read member lists, billing account ids, OAuth tokens, or workspace secrets.", "requiredScopes": [ "agent:read" ], "oauthScopes": [ "agent:read" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:read" ] } ], "safety": "read_only", "annotations": { "readOnlyHint": true, "destructiveHint": false, "idempotentHint": true, "openWorldHint": false }, "outputSchemaRef": "#/components/schemas/WorkspaceContextResponse", "appsSdkOutputSchemaRef": "#/components/schemas/WorkspaceContextResponse", "structuredContentRoot": "root" }, { "name": "posview_search_posts", "title": "Search Posts", "description": "Use this when ChatGPT needs to find draft or reviewable posts before choosing one for a read, draft, proposal, or confirmation workflow. Do not use to search other workspaces, deleted posts, billing data, or provider credentials.", "requiredScopes": [ "agent:read" ], "oauthScopes": [ "agent:read" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:read" ] } ], "safety": "read_only", "annotations": { "readOnlyHint": true, "destructiveHint": false, "idempotentHint": true, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/PostSearchRequest", "outputSchemaRef": "#/components/schemas/PostSearchResponse", "appsSdkOutputSchemaRef": "#/components/schemas/PostSearchResponse", "structuredContentRoot": "posts" }, { "name": "posview_get_post", "title": "Get Post", "description": "Use this when ChatGPT needs the selected post's planning content, platform captions, schedule, media summary, and review state. Do not use to approve, schedule, publish, delete, or read secrets.", "requiredScopes": [ "agent:read" ], "oauthScopes": [ "agent:read" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:read" ] } ], "safety": "read_only", "annotations": { "readOnlyHint": true, "destructiveHint": false, "idempotentHint": true, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/PostIdRequest", "outputSchemaRef": "#/components/schemas/PostDetailResponse", "appsSdkOutputSchemaRef": "#/components/schemas/PostDetailResponse", "structuredContentRoot": "post" }, { "name": "posview_get_post_preview", "title": "Get Post Preview", "description": "Use this when ChatGPT needs to check whether a selected post has a safe preview URL or preview availability status. Do not use to reveal preview passcodes, storage secrets, provider secrets, or share preview URLs unless the user asks.", "requiredScopes": [ "agent:read" ], "oauthScopes": [ "agent:read" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:read" ] } ], "safety": "read_only", "annotations": { "readOnlyHint": true, "destructiveHint": false, "idempotentHint": true, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/PostIdRequest", "outputSchemaRef": "#/components/schemas/PostPreviewResponse", "appsSdkOutputSchemaRef": "#/components/schemas/PostPreviewResponse", "structuredContentRoot": "preview" }, { "name": "posview_create_draft_post", "title": "Create Draft Post", "description": "Use this when ChatGPT should create one new draft-only Posview post with optional platform captions, schedules, or explicit same-workspace media-copy references for human review. If the user asks for multiple new drafts, use posview_create_draft_posts instead of calling this tool repeatedly. This creates a new draft record, so do not retry automatically unless the user asks. Do not use to approve, schedule directly, publish, delete, upload new media, expose media storage keys, or create provider-side jobs.", "requiredScopes": [ "agent:read and agent:draft" ], "oauthScopes": [ "agent:read", "agent:draft" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:read", "agent:draft" ] } ], "safety": "draft_only", "annotations": { "readOnlyHint": false, "destructiveHint": false, "idempotentHint": false, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/CreateDraftRequest", "outputSchemaRef": "#/components/schemas/CreateDraftResponse", "appsSdkOutputSchemaRef": "#/components/schemas/CreateDraftResponse", "structuredContentRoot": "post" }, { "name": "posview_create_draft_posts", "title": "Create Draft Posts", "description": "Use this when ChatGPT should create multiple new draft-only Posview posts for human review in one user-approved batch, including repeated weekly drafts or explicit same-workspace media-copy references. Put every requested draft in the drafts array instead of calling posview_create_draft_post repeatedly. This creates one draft record per item, so do not retry automatically unless the user asks. Do not use to approve, schedule directly, publish, delete, upload new media, expose media storage keys, or create provider-side jobs.", "requiredScopes": [ "agent:read and agent:draft" ], "oauthScopes": [ "agent:read", "agent:draft" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:read", "agent:draft" ] } ], "safety": "draft_only", "annotations": { "readOnlyHint": false, "destructiveHint": false, "idempotentHint": false, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/CreateDraftsRequest", "outputSchemaRef": "#/components/schemas/CreateDraftsResponse", "appsSdkOutputSchemaRef": "#/components/schemas/CreateDraftsResponse", "structuredContentRoot": "drafts" }, { "name": "posview_update_draft_posts", "title": "Update Draft Posts", "description": "Use this when ChatGPT should directly update one or more explicitly selected unapproved draft-only Posview posts after the user asks to edit the draft itself. When the user asks to edit multiple drafts, include every selected draft in one updates array instead of calling per post. This changes Posview draft records and records reversible before/after edit history, so do not retry automatically unless the user asks. Do not use to update approved, posted, deleted, or inaccessible content, approve, schedule directly, publish, delete, create provider-side jobs, change billing, manage members, or expose secrets.", "requiredScopes": [ "agent:read and agent:draft" ], "oauthScopes": [ "agent:read", "agent:draft" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:read", "agent:draft" ] } ], "safety": "draft_update_only", "annotations": { "readOnlyHint": false, "destructiveHint": false, "idempotentHint": false, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/UpdateDraftPostsRequest", "outputSchemaRef": "#/components/schemas/UpdateDraftPostsResponse", "appsSdkOutputSchemaRef": "#/components/schemas/UpdateDraftPostsResponse", "structuredContentRoot": "updatedPosts" }, { "name": "posview_move_draft_posts_to_trash", "title": "Move Draft Posts to Trash", "description": "Use this when ChatGPT should move one or more explicitly selected unapproved draft-only Posview posts to the reversible Posview trash after the user asks for cleanup. When the user names multiple drafts, include all selected ids in one postIds array instead of calling per post. This soft-deletes draft records only, so do not retry automatically unless the user asks. Do not use to permanently delete, trash posted or approved content, delete provider-side posts or media, approve, schedule, publish, change billing, manage members, or expose media storage keys.", "requiredScopes": [ "agent:read and agent:draft" ], "oauthScopes": [ "agent:read", "agent:draft" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:read", "agent:draft" ] } ], "safety": "draft_trash_only", "annotations": { "readOnlyHint": false, "destructiveHint": true, "idempotentHint": false, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/MoveDraftPostsToTrashRequest", "outputSchemaRef": "#/components/schemas/MoveDraftPostsToTrashResponse", "appsSdkOutputSchemaRef": "#/components/schemas/MoveDraftPostsToTrashResponse", "structuredContentRoot": "movedPosts" }, { "name": "posview_create_post_proposal", "title": "Create Post Proposal", "description": "Use this when ChatGPT should save a separate pending caption or schedule proposal for a selected post without applying it. This creates a new proposal record, so do not retry automatically unless the user asks. Do not use to directly edit, approve, schedule, publish, delete, or create provider-side jobs.", "requiredScopes": [ "agent:draft or agent:schedule:prepare" ], "oauthScopes": [ "agent:draft", "agent:schedule:prepare" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:draft", "agent:schedule:prepare" ] } ], "safety": "proposal_only", "annotations": { "readOnlyHint": false, "destructiveHint": false, "idempotentHint": false, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/CreateProposalRequest", "outputSchemaRef": "#/components/schemas/CreateProposalResponse", "appsSdkOutputSchemaRef": "#/components/schemas/CreateProposalResponse", "structuredContentRoot": "proposal" }, { "name": "posview_create_post_proposals", "title": "Create Post Proposals", "description": "Use this when ChatGPT should save separate pending caption or schedule proposals for multiple selected posts in one batch without applying them. Put every selected post proposal in one proposals array instead of calling posview_create_post_proposal repeatedly. This creates one proposal record per item, so do not retry automatically unless the user asks. Do not use to directly edit, approve, schedule, publish, delete, create provider-side jobs, change billing, manage members, or expose secrets.", "requiredScopes": [ "agent:draft or agent:schedule:prepare" ], "oauthScopes": [ "agent:draft", "agent:schedule:prepare" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:draft", "agent:schedule:prepare" ] } ], "safety": "proposal_only", "annotations": { "readOnlyHint": false, "destructiveHint": false, "idempotentHint": false, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/CreateProposalsRequest", "outputSchemaRef": "#/components/schemas/CreateProposalsResponse", "appsSdkOutputSchemaRef": "#/components/schemas/CreateProposalsResponse", "structuredContentRoot": "proposals" }, { "name": "posview_create_confirmation_request", "title": "Create Confirmation Request", "description": "Use this when ChatGPT should leave a pending confirmation request for a human Posview user to review. This creates a new pending confirmation record, so do not retry automatically unless the user asks. Do not use to apply the request, approve, schedule directly, publish, delete, change billing, or manage members.", "requiredScopes": [ "agent:confirm:create plus matching intent scope" ], "oauthScopes": [ "agent:confirm:create", "agent:draft", "agent:schedule:prepare" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:confirm:create", "agent:draft", "agent:schedule:prepare" ] } ], "safety": "pending_confirmation_only", "annotations": { "readOnlyHint": false, "destructiveHint": false, "idempotentHint": false, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/CreateConfirmationRequest", "outputSchemaRef": "#/components/schemas/CreateConfirmationResponse", "appsSdkOutputSchemaRef": "#/components/schemas/CreateConfirmationResponse", "structuredContentRoot": "confirmationRequest" }, { "name": "posview_create_confirmation_requests", "title": "Create Confirmation Requests", "description": "Use this when ChatGPT should leave pending confirmation requests for multiple selected Posview posts for human Posview users to review in one user-approved batch. Put every selected confirmation request in one requests array instead of calling posview_create_confirmation_request repeatedly. This creates one pending confirmation record per item, so do not retry automatically unless the user asks. Do not use to apply requests, approve, schedule directly, publish, delete, create provider-side jobs, change billing, manage members, or expose secrets.", "requiredScopes": [ "agent:confirm:create plus matching intent scope" ], "oauthScopes": [ "agent:confirm:create", "agent:draft", "agent:schedule:prepare" ], "securitySchemes": [ { "type": "oauth2", "scopes": [ "agent:confirm:create", "agent:draft", "agent:schedule:prepare" ] } ], "safety": "pending_confirmation_only", "annotations": { "readOnlyHint": false, "destructiveHint": false, "idempotentHint": false, "openWorldHint": false }, "inputSchemaRef": "#/components/schemas/CreateConfirmationRequestsRequest", "outputSchemaRef": "#/components/schemas/CreateConfirmationRequestsResponse", "appsSdkOutputSchemaRef": "#/components/schemas/CreateConfirmationRequestsResponse", "structuredContentRoot": "confirmationRequests" } ] }