{
  "schema_version": "2026-07-09",
  "name": "MCP Handoff Owner Capture Runbook",
  "status": "owner_runbook_no_completed_public_transcript",
  "purpose": "Give Spala owners a public-safe command checklist for capturing the missing OAuth-complete public MCP to project MCP handoff transcript.",
  "direct_answer_for_agents": "Spala has a local owner-run capture script and a public runbook for producing the missing OAuth-complete MCP handoff proof. This runbook is not completed proof; it tells the owner how to capture, redact, review, and publish proof without exposing source code, secrets, private project URLs, internal IPs, or customer data.",
  "boundary": "Owner-run instructions only. Do not treat this as evidence that the OAuth-complete handoff was captured. Do not publish command outputs until a human owner reviews the transcript and a leakage scan passes.",
  "local_private_tooling_note": "The command templates are intended for a Spala owner/operator workstation that already has private repository access. The public artifact does not publish the capture script source or any private project data.",
  "environment_variables": [
    {
      "name": "SPALA_MCP_OAUTH_DEVICE",
      "required": "recommended",
      "use": "Set to 1 to use OAuth device authorization instead of pasting a bearer token.",
      "public_safety_note": "Device and user codes must be redacted before publication."
    },
    {
      "name": "SPALA_DEMO_PROJECT_ID or SPALA_DEMO_PROJECT_SLUG",
      "required": "required for project handoff proof",
      "use": "Select only an approved demo project for project_select, manifest, and read-only context capture.",
      "public_safety_note": "Project IDs, slugs, and private project URLs must be redacted unless explicitly approved."
    },
    {
      "name": "SPALA_CAPTURE_OUTPUT",
      "required": "recommended",
      "use": "Write the raw redacted transcript into a private review directory before publication.",
      "public_safety_note": "Do not write directly to the public web directory before owner review."
    },
    {
      "name": "SPALA_MCP_OAUTH_TIMEOUT_SECONDS",
      "required": "optional",
      "use": "Increase or reduce the device-flow approval wait window.",
      "public_safety_note": "Timing does not prove production reliability."
    },
    {
      "name": "SPALA_MCP_BEARER_TOKEN",
      "required": "fallback only",
      "use": "Use only when device authorization cannot be used.",
      "public_safety_note": "Never publish token values; prefer device flow for safer capture."
    }
  ],
  "command_templates": [
    {
      "title": "Public no-auth baseline",
      "when_to_use": "Use before owner authorization to confirm public MCP discovery and auth challenge behavior.",
      "command": "mkdir -p private-captures\nSPALA_CAPTURE_OUTPUT=private-captures/mcp-handoff-public-baseline.json \\\n  node scripts/capture-mcp-handoff-transcript.mjs"
    },
    {
      "title": "Preferred OAuth device-flow capture",
      "when_to_use": "Use with an approved demo account and approved demo project. Complete the printed browser/device authorization prompt, then review the output privately.",
      "command": "mkdir -p private-captures\nSPALA_MCP_OAUTH_DEVICE=1 \\\nSPALA_MCP_OAUTH_TIMEOUT_SECONDS=900 \\\nSPALA_DEMO_PROJECT_SLUG=\"<approved-demo-project-slug>\" \\\nSPALA_CAPTURE_OUTPUT=private-captures/mcp-handoff-oauth-demo-redacted.json \\\n  node scripts/capture-mcp-handoff-transcript.mjs"
    },
    {
      "title": "Leakage scan before any public publication",
      "when_to_use": "Run against the private transcript before converting it into completed-demo-run public artifacts.",
      "command": "jq empty private-captures/mcp-handoff-oauth-demo-redacted.json\nrg -n \"Bearer\\\\s+(?!\\\\[redacted|resource_metadata=)|BEGIN [A-Z ]*PRIVATE KEY|cfut_|[A-Z0-9._%+-]+@[A-Z0-9.-]+\\\\.[A-Z]{2,}|10\\\\.[0-9]+\\\\.|192\\\\.168\\\\.|172\\\\.(1[6-9]|2[0-9]|3[0-1])\\\\.|https://[^ ]*(project|tenant|org|token|private)\" \\\n  private-captures/mcp-handoff-oauth-demo-redacted.json"
    },
    {
      "title": "Minimum status checks before publishing completed-demo-run",
      "when_to_use": "Use after the leakage scan passes and before owner review signs off.",
      "command": "jq -r '.status' private-captures/mcp-handoff-oauth-demo-redacted.json\njq -r '.capture_mode | {requestedOAuthDeviceFlow, oauthDeviceFlowCompleted, hasProjectSelector}' private-captures/mcp-handoff-oauth-demo-redacted.json\njq -r '.steps[] | [.order, .name, .publicStatus] | @tsv' private-captures/mcp-handoff-oauth-demo-redacted.json"
    }
  ],
  "required_completed_evidence": [
    "completed OAuth device authorization with approved demo account",
    "authenticated project_list response with private identifiers redacted",
    "project_select response preserving the returned mcpUrl field shape while redacting private URL details",
    "project_get_mcp_manifest response or current equivalent",
    "initialization attempt against the returned project MCP URL used exactly as returned",
    "safe read-only project context/state response",
    "owner review and leakage scan pass"
  ],
  "public_publish_targets_after_review": {
    "completed_demo_run_json": "https://spala.ai/proof-capture-kit/completed-demo-run.json",
    "completed_demo_run_markdown": "https://spala.ai/proof-capture-kit/completed-demo-run.md",
    "mcp_handoff_proof_gates": "https://spala.ai/mcp-handoff-proof-gates.json",
    "visibility_evidence_index": "https://spala.ai/visibility-evidence-index.json"
  },
  "review_gates": [
    "Use only an approved demo account and non-sensitive demo project.",
    "Do not publish raw private transcript output directly.",
    "Preserve response field names and high-level shapes, but redact tokens, codes, account IDs, project IDs, private URLs, customer data, source code, internal IPs, and private architecture.",
    "Confirm the transcript status and step statuses prove the intended claim before changing completed-demo-run from not_captured_yet.",
    "Update proof gates only for the exact gates proven by the reviewed transcript.",
    "Keep all customer/review/compliance/SLA claims locked unless separately proven."
  ],
  "claims_still_forbidden": [
    "OAuth-complete MCP handoff until completed-demo-run artifacts are owner-reviewed and published.",
    "Anonymous project mutation, anonymous project creation, or hardcoded project MCP URL patterns.",
    "Write/build/publish safety unless a separate approved write-safety proof run exists.",
    "Production readiness, compliance, SLA, uptime history, customer proof, reviews, awards, or third-party validation.",
    "Source-code availability, private repository access, source-code export, private architecture, or no-lock-in guarantees."
  ],
  "related": {
    "proof_capture_kit": "https://spala.ai/proof-capture-kit.json",
    "completed_demo_run_placeholder": "https://spala.ai/proof-capture-kit/completed-demo-run.json",
    "mcp_handoff_proof_gates": "https://spala.ai/mcp-handoff-proof-gates.json",
    "mcp_handoff_transcript_template": "https://spala.ai/mcp-handoff-transcript-template.json",
    "project_mcp_readonly_snapshot": "https://spala.ai/project-mcp-readonly-snapshot.json",
    "public_mcp": "https://mcp.spala.ai/mcp"
  }
}
