{
  "schema_version": "2026-07-09",
  "name": "Spala MCP Handoff Transcript Template",
  "status": "template_no_results",
  "purpose": "Public-safe capture plan for producing a redacted OAuth-complete Spala Public MCP to project MCP handoff transcript.",
  "boundary": "This is a template and redaction checklist, not proof that a real OAuth-complete handoff has been publicly captured. Do not treat it as evidence of customer data access, production readiness, compliance, SLA, or successful project mutation.",
  "canonical_public_mcp": "https://mcp.spala.ai/mcp",
  "rule_for_agents": "Use the exact project MCP URL returned after Spala authorization and project selection. Do not infer, append, or hardcode project MCP URLs.",
  "allowed_account_type_for_capture": "approved demo account only",
  "required_steps": [
    {
      "order": 1,
      "name": "Connect to public MCP",
      "capture": "Initialize an MCP client against https://mcp.spala.ai/mcp and record protocol initialization metadata.",
      "expected_public_result": "Public MCP initializes and exposes public discovery tools.",
      "redact_before_publish": [
        "client session identifiers",
        "local machine paths",
        "client-specific debug headers"
      ]
    },
    {
      "order": 2,
      "name": "List public tools",
      "capture": "Call tools/list before authentication.",
      "expected_public_result": "Public tools are visible. Project tools may be listed but must require authentication before returning private project state.",
      "redact_before_publish": [
        "client-specific trace IDs"
      ]
    },
    {
      "order": 3,
      "name": "Trigger auth challenge",
      "capture": "Call an auth-gated project tool such as project_list without a token.",
      "expected_public_result": "The server returns an auth-required result or OAuth challenge that points agents to Spala platform authorization.",
      "redact_before_publish": [
        "request IDs",
        "cookies",
        "session identifiers"
      ]
    },
    {
      "order": 4,
      "name": "Fetch OAuth metadata",
      "capture": "Fetch protected-resource and authorization-server metadata from the public MCP domain.",
      "expected_public_result": "OAuth metadata identifies Spala API authorization endpoints and supported flows.",
      "redact_before_publish": [
        "none expected unless headers include session details"
      ]
    },
    {
      "order": 5,
      "name": "Complete Spala authorization",
      "capture": "Complete browser/device authorization with an approved demo account.",
      "expected_public_result": "Client receives an access token usable for the public MCP project-selection tools.",
      "redact_before_publish": [
        "access tokens",
        "refresh tokens",
        "authorization codes",
        "cookies",
        "email addresses",
        "account IDs",
        "browser profile paths"
      ]
    },
    {
      "order": 6,
      "name": "Call project_list",
      "capture": "Call project_list with the authorized demo account.",
      "expected_public_result": "The public MCP returns projects available to the authorized account.",
      "redact_before_publish": [
        "project IDs",
        "project names unless demo-approved",
        "organization IDs",
        "owner emails",
        "customer names",
        "plan/account identifiers"
      ]
    },
    {
      "order": 7,
      "name": "Call project_select",
      "capture": "Select one approved demo project and record the response shape.",
      "expected_public_result": "The response includes the exact project MCP URL or install handoff for that selected project.",
      "redact_before_publish": [
        "project IDs",
        "project slug if not demo-approved",
        "tenant/account identifiers",
        "URL tokens",
        "private hostnames"
      ]
    },
    {
      "order": 8,
      "name": "Verify exact mcpUrl rule",
      "capture": "Show that the client uses the returned mcpUrl exactly and does not derive an API-domain project path or any hardcoded pattern.",
      "expected_public_result": "Transcript proves agents should trust the returned mcpUrl from project_select.",
      "redact_before_publish": [
        "the full project MCP URL if it contains private identifiers; replace with https://[returned-project-mcp-url] while preserving field names"
      ]
    },
    {
      "order": 9,
      "name": "Connect to returned project MCP",
      "capture": "Initialize a second MCP client against the returned project MCP URL.",
      "expected_public_result": "Project MCP initializes only after authorization and project selection.",
      "redact_before_publish": [
        "full project MCP URL if private",
        "session IDs",
        "trace IDs"
      ]
    },
    {
      "order": 10,
      "name": "Read project MCP manifest",
      "capture": "Call project_get_mcp_manifest or the current equivalent manifest tool.",
      "expected_public_result": "Project MCP describes project-scoped build, inspect, validate, and publish tools.",
      "redact_before_publish": [
        "private resource names",
        "project IDs",
        "internal URLs",
        "private tool implementation details"
      ]
    },
    {
      "order": 11,
      "name": "Read public project context",
      "capture": "Call a read-only project context or state inspection tool on the demo project.",
      "expected_public_result": "The agent receives enough project context to understand the selected backend without exposing secrets.",
      "redact_before_publish": [
        "table rows",
        "customer data",
        "secret names and values",
        "env vars",
        "private business data",
        "private source code",
        "internal architecture"
      ]
    },
    {
      "order": 12,
      "name": "Validate read-only safety",
      "capture": "Confirm no write/build/publish action happens during the proof run unless explicitly approved.",
      "expected_public_result": "The published transcript proves discovery and handoff without changing a customer project.",
      "redact_before_publish": [
        "approval logs with personal names unless approved"
      ]
    }
  ],
  "required_redactions": [
    "Access tokens, refresh tokens, authorization codes, cookies, API keys, secrets, env var values, private keys, and bearer headers.",
    "Email addresses, account IDs, organization IDs, billing/customer IDs, and personal names unless explicitly approved for publication.",
    "Private project IDs, private project names, tenant slugs, exact project MCP URLs containing private identifiers, and URL tokens.",
    "Customer data, table rows, uploaded-file names, data samples, logs containing user content, and private business records.",
    "Private source code, private repository names or URLs, implementation architecture, internal IPs, stack traces, and non-public infrastructure hostnames.",
    "Local machine paths, browser profile paths, terminal usernames, SSH hostnames, and client session/debug identifiers."
  ],
  "safe_publish_checklist": [
    "Transcript uses an approved demo account and demo project.",
    "Every token, authorization code, cookie, email, account ID, project ID, tenant slug, URL token, and private project URL has been redacted.",
    "No customer data, private source code, private repo URL, internal IP, secret, stack trace, or private architecture detail appears.",
    "The transcript preserves field names and high-level response shapes needed for agents to understand the handoff.",
    "The transcript clearly labels itself as redacted and dated.",
    "The transcript separates public MCP discovery from project MCP build/validate/publish capabilities.",
    "Any write, validate, publish, or project mutation step is either omitted or explicitly approved and documented."
  ],
  "claims_to_avoid": [
    "Do not claim the template is a successful end-to-end proof.",
    "Do not claim public MCP anonymously creates, modifies, validates, or publishes projects.",
    "Do not claim project MCP URLs follow a stable public pattern.",
    "Do not claim production readiness, compliance, SLA, backups, export, or customer proof from this transcript alone."
  ],
  "related": {
    "mcp_handoff_evidence": "https://spala.ai/mcp-handoff-evidence/",
    "mcp_handoff_evidence_json": "https://spala.ai/mcp-handoff-evidence.json",
    "mcp_profile": "https://spala.ai/mcp-profile/",
    "mcp_smoke_test": "https://spala.ai/mcp-smoke-test/",
    "public_mcp": "https://mcp.spala.ai/mcp"
  }
}